The Council of Ministers has approved the National Cybersecurity Plan, which will be endowed with 200 million euros more than initially announced. In total, 1,200 million euros will be allocated to its implementation, as detailed by the First Deputy Minister and Minister of Economic Affairs, Nadia Calviñoat a post-council press conference.
This plan is going to be put in place, among other things, to respond appropriately «to the greatest current geopolitical risk«, caused by the invasion of Ukraine. But in addition, the Government has approved a Royal Decree on 5G Cybersecurity, in whose preparation the “Toolbox” of the European Commission on cybersecurity of 5G networks has been taken into account. Also the coordinated risk analysis of the Member States as a common basis for the safe development of 5G technology in Europe.
Among the objectives of this law is the boosting the comprehensive security of the 5G ecosystem, in addition to promoting a sufficiently diversified market of 5G network and service providers. It also aims to strengthen security in the installation and operation of 5G networks, the protection of national security and the strengthening of the national industry in cybersecurity related to 5G. On the other hand, its regulations guarantee the rapid entry into force of the measures that give the opportunity to prohibit or limit the activity in the market of suppliers considered to be high risk.
In the elaboration of this royal decree law, the “Toolbox” of the European Commission has been taken into account on the cybersecurity of 5G networks and the coordinated risk analysis of the Member States as a common basis for a safe development of 5G technology in Europe. With its approval, the development of a reliable environment is sought to deploy 5G networks and services that give users confidence in them, both in terms of operation and protection of their data against security breaches or manipulations. Likewise, it is intended to determine the necessary measures to face the security risks to which these networks are exposed.
The approval of this decree on 5G cybersecurity, according to Europa Press, was scheduled for the second half of this year, but the invasion of Ukraine by Russia has accelerated the procedures for the law, which has finally been approved by decree. In its preliminary draft, a list was included detailing the risks of the providers based on their level of security. In addition, the decree establishes the controls that operators must carry out both in their networks and in their supply chain, in order to improve their protection.
The National Cybersecurity Plan includes 150 actions on online security. Among them is the opening of the Cybersecurity Operations Center of the General State Administration. Its development was awarded last February to Indra and Telefónica. In addition, the plan reinforces the measures of the National Cybersecurity Strategy, of 2019, with the 5G Cybersecurity decree, in addition to an investment that exceeds 800 million euros.
Among the measures aimed at this reinforcement is the development of a system of cybersecurity indicators at the national level. Also an increase in the creation of security infrastructures in communities, as well as in local entities. Apart from this, it also incorporates other measures to boost the online security of the self-employed, micro and SMEs; as well as the promotion and increase of the culture of online security. For all this, the Recovery Plan planned an investment of 98 million euros.