• Isdefe played a key role in the implementation of the Justice Electronic Communications project, whose primary component is the LexNET system, and in its deployment and generalisation. The scope of the system was adapted and expanded for use by new groups (attorneys, law enforcement agencies, state attorneys and medical centres).
    The traditional legal processing system (Minerva) has evolved significantly toward digital processing in order to reduce the paperwork involved in the legal system. The addition of new components has allowed the Digital Justice System to be implemented in any territory under its jurisdiction.
  • Complete centralisation of servers at the provincial level, reducing operating costs and improving the control and security of the servers.
  • Creation in 2016 of the Security Office at the Sub-Directorate General for New Justice Technologies, which Isdefe supports with more than eight engineers, the goal being to provide technical assistance to safeguard the Ministry’s critical information systems, like LexNET, online reporting systems, the Integrated Judicial System and the Minerva legal processing system. In this area, Isdefe also supported the Ministry in developing the specific regulation for the Judicial Interoperability and Security Scheme.
  • Regulatory development of the Judicial Interoperability and Security Scheme (EJIS) and with the activities of the Technical State Committee for the Electronic Administration of Justice (CTEAJE).

Systematic preparation of the process manuals for all offices to coincide with the roll-out of the new Digital Justice System. A large number of training courses have been taught in this area to professionals at legal venues.

  • Technical assistance provided by a group of over 20 engineers, highly specialised in different areas of cybersecurity (risk management, penetration testing, forensic analysis, threat monitoring, vulnerability analysis, cyberincident response and certification inspection and audits), in support of MCCD plans to obtain defence, operational and response capabilities.
  • Isdefe’s collaboration with the MCCD dates back to its creation on 19 February 2013 by way of Ministry Order 10/2013, which created the Joint Cyber Defence Command, issued by the Ministry of Defence, although Isdefe had been supporting the Defence Staff prior to that, providing technical assistance in preparing the “Military Cyber Defence Concept”, approved by JEMAD on 28 July 2011, as well in defining the “Action Plan to Obtain Military Cyber Defence Capabilities”, approved by JEMAD on 12 July 2012.
  • One of the strategic areas of cooperation with the MCCD is Isdefe’s participation in the NATO Cooperative Cyber Defence Centre of Excellence (CCDCoE), created in May 2008 in an effort to strengthen the Cyber Defence capabilities of NATO and its member States. NATO currently has 19 allied nations. In this context, Isdefe has assigned an engineer to Tallinn (Estonia) as a cyber security R&D expert, as part of Spain’s contribution to the CCDCoE. As part of this cooperation, Isdefe engineers have taken part in organising cyber exercises, like “Locked Shields” and “Cyber Coalition”, in developing and teaching international courses and in preparing reports and studies on various technological aspects of cyber defence.

  • Work associated with implementing NATO’s Future Mission Network (FMN) in the Spanish Armed Forces, with special focus on its security and interoperability aspects. This support includes participating in different national and international panels and working groups, as well as in the design and deployment of the FMN-ESP Interoperability Laboratory.
  • In this context, of special note is the planning and execution of different NATO exercises, including steadfast Cobalt and CWIX. In this latter exercise, Spain resumed its involvement led by the Defence Staff (EMAD).

  • In 2016, the National Centre for Cryptology (CCN) started the process to designate Isdefe as an accredited certifying entity for issuing certificates of conformity for limited distribution systems.
  • As part of its collaboration with the CCN, Isdefe started work to prepare a Catalogue of Security Products for Information and Communications Technologies (CPSTIC) for the CCN, intended to provide a reference for trusted and objectively qualified products that can be used in the networks of government agencies.
  • Support to the GSA (European Global Navigation Satellite Systems Agency) as part of its contract on “Security Certification Support Services to the GSA”, on tasks including independent security tests of classified systems conducted at the Agency’s central offices in Prague, at the European Space Agency’s centre in Redu, Belgium, and of the control and monitoring systems for Galileo in Fucino, Italy, in Oberpfaffenhofen, Germany and in Swanwick, United Kingdom.

  • Collaboration in defining Strategic Sector Plans (PES) for the Space and ICT sectors. Also, under the purview of the Law for the Protection of Critical Infrastructure, provided support to various critical operators in their enforcement of said law, preparing operator security (PSO) plans and specific protection plans (PPE).
  • Isdefe has been working with the CNPIC since its creation in 2007. This collaboration grew following the approval of Law 8/2011 and Royal Decree 704/2011, which implements it, through the participation in the Informal Critical Infrastructure Protection Group (GIPIC), whose purpose was to develop minimum guidelines and best practices to orient and help future critical operators in preparing PSOs and PPEs as part of their duties and responsibilities under the Law for the Protection of Critical Infrastructure. Isdefe was part of a group of nine companies and public agencies that made up the working group, and was responsible for the technical aspects of the group.

  • Technical support to the General Directorate for Records and Notaries (DGRN), providing advice on aspects involving system security, interoperability, efficiency and engineering, in particular on everything pertaining to defining and implementing the new Civil Registry model, and specifically in the application and enforcement of the Personal Information Protection Law (LOPD) and the National Security System (ENS).
  • Of particular interest in this context is the roll-out and implementation in 2016 of the ANDES project, the result of completing measure CORA 2.02.002.32 on the electronic reporting of births and deaths by medical centres to civil registries. This measure was proposed and developed by the Subcommission for Administrative Simplification of the Commission to Reform Public Administrations.

Cooperated to provide technical support for activities pertaining to the implementation of the National Security System (ENS) and the National Interoperability System (ENI), as well to promote the national government’s digital transformation plan, as per the 2015-2020 ICT Strategy.

  • Preparation of the Operator Safety Plans and updating of the Protection Plans for Port Facilities for different port authorities, in support of developing measures associated with the critical infrastructure and maritime protection regulation.
  • Design of the inspection system for monitoring the enforcement of maritime protection regulations, establishing the procedures required for their implementation and proposed ministry order for processing.
  • In order to implement and standardise the regulation on critical infrastructure with the maritime protection regulation, Isdefe set up the training requirements for Port Protection Officers (OPP), guidelines were given for analysing ship protection information prior to its entry into port, a catalogue of frequently asked questions on implementing the regulation on critical infrastructure was written, as were recommendations for handling classified information.

As part of the safety engineering activities. Isdefe crafted a survey on the security of employee information, analysed the results and prepared security recommendations for sharing information with outside companies. Isdefe also updated the risk analysis, reviewed incidents detected and analysed the scope of the National Safety System (ENAS) at ENAIRE.

Entities and organisations to which we provide services