The latest report from Sindicatura de Comptes warns of major shortcomings in cybersecurity. Alicante Town Hall. The document also points to several aspects that need action to be corrected immediately. Related National Security PlanThe autonomous body argues that the City Council should make improvements to achieve the levels necessary for the protection of information systems, especially in controls that contain significant shortcomings. Concerning the previous report on this issue, which corresponds to 2019, slight progress has been made since the previous audit, and Sindicatura assures that its recommendations are only partially addressed.
General maturity index of key controls cyber security While it was 48.8% in 2019, it shows a value of 51.7%. Therefore, the level of controls analyzed is still insufficient and needs improvement. The City Council does not have adequate cybersecurity management in place. superior bodies Consulateshould strengthen support for human and budgetary resources devoted to information security, as those charged with control. Likewise, the analysis reveals that there is a very low level of compliance in terms of compliance with legal regulations regarding information security.
With respect to the National Security Plan, the City Council should identify individuals for roles defined in the security policy, and information security committee. Sindicatura also provides a set of recommendations to help correct observed deficiencies and improve Consistory’s cybersecurity management procedures. Among them, they recommend completing the implementation of solutions to restrict access of unauthorized physical devices to the corporate network, reviewing and updating all systems outside the support period, and finalizing and formally approving the procedure for managing users with access privileges. .
Sindicatura has worked to monitor the City Council’s core cybersecurity controls regarding the situation demonstrated in the 2019 audit. public administrations and their interconnections through complex computer networks expose them increasingly to threats from cyberspace. This situation increases the risks regarding the information systems that support the public services and thus the information they handle. In fact, local organizations have been one of the most affected targets by the waves of cyber attacks.