hit tracker
Friday, July 12, 2024
HomeLatest NewsEnresa seeks 'data center' and cybersecurity experts to be a nuclear bunker

Enresa seeks ‘data center’ and cybersecurity experts to be a nuclear bunker

Date: July 12, 2024 Time: 17:16:47

The National Radioactive Waste Company (Enresa) aspires to become a nuclear safety bunker. The public company has an open contract for the provision of hosting, communications and cybersecurity services for information systems valued at almost six million euros, but is finding it difficult to find a supplier and has been forced to meet the deadline to participate in the tender until May 31 – it ended on the 10th – due to the absence of offers.

Enresa has assessed its information assets at a medium level in accordance with the National Security Scheme (ENS) and, in this context, to efficiently carry out the organization’s activity it is necessary to have a series of processing centers. of data. (CPD), what is known as ‘data centers’, appropriate to the demands derived from said level.

The company recognizes in the contract’s supporting report that the current CPD, located at its headquarters in Madrid, does not meet the criteria and that it is therefore looking for specialized locations that guarantee security. You also want to have a secondary one to guarantee business continuity. Likewise, Enresa points out that it needs the ‘new’ CPD to provide the necessary communications to allow the connectivity of the different work centers with each other, with the Internet and with the company’s information systems, regardless of where they are hosted and from where the employees, the personnel of the contracting companies or the systems themselves are connected.

“The ENS considers security not as a goal but as a process of continuous improvement. Based on the inventory of the information assets of each entity obliged to comply with the Scheme, which must be reviewed from time to time, and their categorization according to the parameters that the ENS itself establishes, all entities follow an iterative process of Business to Information improvement.

Hosting, communications and cybersecurity services

In addition, it must provide the necessary capabilities to manage cybersecurity risks that may compromise the confidentiality, integrity, authenticity, traceability and availability of the company’s information assets. For its part, with regard to inter-center communications and information security, Enresa also lacks its own personal and material resources to cover these very specialized services, and in 2019 it formalized a service contract that ends on the 31st. December of this year.

In summary, the purpose of the contract is the provision of hosting, communications and cybersecurity services for Enresa’s information systems. The tasks to be carried out include knowing the context of Enresa and its business, its security policy, carrying out a risk assessment or analysis and implementing and operating an information asset and vulnerability management solution. The successful bidder must also provide accommodation for the CPD, implement and operate a communications infrastructure, as well as the interconnection network of all Enresa headquarters through an SD-WAN and implement security measures aimed at protecting information assets. . tion.

Prevention is also key for the company and that is why it will have a threat detection and response system, and will have a security event monitoring and management system. Finally, as a response and recovery method, there will be an operations and support center for all deployed infrastructure. The work will generally be carried out in the contractor’s offices, although there are some activities that by their nature require presence in the data processing centers or technical rooms of Enresa. The duration of the contract is 60 months, although given that the tasks require an overlap period with the current one, it is proposed that it begin from September 1, 2024, or the day following its formalization date in the event that sea ​​after the indicated date.

The profiles they are looking for for the contract are project manager, ‘senior’ communications technician, ‘senior’ security technician, ‘senior’ infrastructure technician, ‘senior’ cybersecurity analyst, communications operator, security operator and security operator. infrastructures. . Of the total value of the contract, 1.5 million euros correspond to personnel costs. In the event of possible modifications, the import will not exceed, in any case, 20% of the award price.

Medium level of the National Security Scheme

The medium level of the National Security Scheme is applied when the consequences of a security incident that affects any of the security dimensions pose serious damage to the functions of the organization, its assets or the affected individuals, according to Real. Decree 311/2022, of May 3. Serious damage is understood to be the significant reduction in the organization’s capacity to effectively develop its functions and competencies, even if these continue to be performed; when significant damage is caused to the organization’s assets; material breach of any law or regulation, or formal breach that cannot be remedied; a significant harm to an individual – difficult to repair; and other data of an analogous nature.

* This website provides news content gathered from various internet sources. It is crucial to understand that we are not responsible for the accuracy, completeness, or reliability of the information presented Read More

Puck Henry
Puck Henry
Puck Henry is an editor for ePrimefeed covering all types of news.

Most Popular

Recent Comments