News
Uno de los Centro de Procesamiento de Datos del Gobierno de Navarra

The Government of Navarra’s cybersecurity services halt 25 million intrusion attempts in one year

The Telecommunications, Infrastructure and Cybersecurity Service, protecting the Government of Navarra’s IT systems, has recorded a significant increase in attempted cyberattacks on the Administration’s IT systems, with the number of cyberthreats having tripled over the past five years.

On an annual basis, this team has thwarted 25 million intrusion attempts; blocked more than 6 million attempts to access malicious websites; detected 700,000 reconnaissance scans of online services; and neutralised around 90% of malicious emails before they reached the inboxes of staff across departments, thus reinforcing the protection of personal data.

These results highlight the importance of ongoing information security efforts, especially today, European Data Protection Day, which underscores the need to preserve the confidentiality and integrity of personal data.

As a result, the Directorate General of Telecommunications and Digitalisation of the Department of University, Innovation and Digital Transformation will allocate nearly 1.5 million euros this year to cybersecurity services, with the aim of ensuring the continuity of increasingly digitalised public services and safeguarding citizens’ personal information.

An additional 320,000€ will go to the Navarra Cybersecurity Center (NavCC), bringing the total above 2 million euros dedicated to this area. The focus of this centre is to raise public awareness of cyberthreats, as well as running awareness initiatives for minors in collaboration with the Department of Education.

In addition, the NavCC also works with Navarra’s business community so that companies become more resilient to current risks online, as well as to adapt to new European regulations such as the Cyber Resilience Act (CRA) in order to continue selling Internet‑based products and services. This centre is funded primarily with RETECH European funds, thanks to which the Government of Navarra has secured a total of 2.6 million euros, complemented by an additional one million euros from its own budget for operations during 2023–2026.

The various cybersecurity measures implemented in the Government of Navarra’s critical systems are implemented both in its two own Data Processing Centres (CPDs) and in the cloud. Their areas of action include the cybersecurity strategy, with risk analysis as the main tool; technological security auditing, assessing the security of platforms from the perspective of a malicious hacker; and cyberattack management, carrying out preventive measures through the automatic blocking of cyberthreats and the detection of suspicious activity.

More specifically, the anti‑hacker teams (SOC) are built on three basic pillars: people with specialised training; hybrid technology, combining traditional solutions with cutting‑edge technology; and various processes that connect this technology with people to achieve the expected result of protecting the personal data of Navarra’s citizens.

Upcoming Certification at the Highest Security Level
In line with the commitment to data protection and information security in the Government of Navarra’s services, the Directorate General of Telecommunications and Digitalisation is currently working to obtain certification under the National Security Scheme (ENS) at the high level, the most stringent under the regulation, for its technological infrastructures located in Navarra’s Data Processing Centres (Data Centres). It is expected that this milestone will be achieved during the first half of this year.

This certification, which is currently at the medium level in Navarra, recognises that the systems meet the highest security standards required in the public sector, following a rigorous process of review, improvement and verification, in a coordinated effort by technical and management teams who have worked for months to reinforce the protection of information and digital services.

For citizens, obtaining this certification translates into greater confidence, ensuring that personal data are better protected, that systems are more reliable, and that digital public services are prepared to prevent incidents and respond quickly to any cyberthreat. 

Source: navarra.es

Related News