Compliance

Compliance

Adequacy LOPD / GDPR,
LSSI, ENS, PIC.

We help your organization in the implementation and maintenance of national regulations related to cybersecurity.

  • Support and consulting for the implementation or maintenance.
  • Implementation status audit.
  • Global implementation or maintenance service (turnkey service).

Professional services on the following national regulations:

  • Organic Law on Protection of Personal Data and Guarantees of Digital Rights (LOPDGDD)
  • General Data Protection Regulation (GDPR)
  • Information Security Services Law (LSSICE)
  • Intellectual Property Law (LPI)
  • National Security (ENS)
  • Critical Infrastructure Protection Law (PIC)
  • Others related to electronic administration, digital certificates and electronic signature, information systems and the protection of digital assets.

DPD / DPO Service (Data Protection Delegate)

The Data Protection Delegate or Data Protection Officer (DPD or DPO) becomes essential with the European Data Protection Regulation for private and public organizations.

With our service, they can outsource the figure of the DPD. We offer extensive experience in privacy and protection of personal data, both in the public and private sectors, which allows us to assume the functions of the Data Protection Delegate, ensuring correct compliance with the regulations, both at a legal and technological level according to what required by the GDPR (General Data Protection Regulation) and the LOPDGDD (Organic Law on Data Protection and Guarantees of Digital Rights).

Advantages of outsourcing the DPO

  • Comply with the GDPR and the LOPDGDD in a simple way.
  • Ensure adequate treatment of the data.
  • Minimize the risk of penalties.
  • Improve customer confidence.
  • Greater compliance by employees.
  • Cost savings.

Appropriateness ISO / IEC 27001, ISO / IEC 27035, NIST, PCI-DSS, SOX, GxP, HIPAA

We help your organization in the implementation and maintenance of international regulations and frameworks related to cybersecurity and good practices.

We can offer you this service in different formats.

  • Support and consulting for the implementation or maintenance.
  • Audits prior to implementation and obtaining the initial status.
  • Internal audits required by the regulations.
  • Global implementation or maintenance service (turnkey service)

Definition of security policies and processes

If your organization requires the implementation of security policies and / or processes, we help you or even take care of the entire process to achieve your objectives:

  • Security politics.

  • BIA (Business Impact Analysis).
  • BCP (Business Continuity Plan).
  • DRP (Disaster Recovery Plan).
  • FOP (Functions and obligations of the personnel)
  • DLP (Information Leak Prevention).
  • Other policies or plans on demand.

Protection plans and intelligence services

We are experts in taking security to another level, including intelligence and counterintelligence strategies that allow us to achieve a high level of security against internal or external threats and defend ourselves with guarantees against attacks directed by organized groups of Cybercriminals, the competition or even the states.

Security Master Plan.

The implementation of a Security Master Plan aims to develop a roadmap that raises the cybersecurity levels of the organization and maintains them over time. The Master Plan addresses the security of the organization from the organizational, technical, logical, physical, human and legal or regulatory point of view.

Development of strategic counterintelligence plans.

Strategic counterintelligence plans, developing the activities and measures necessary to identify and counter threats orchestrated by hostile actors.

Development of intelligence strategies against threats.

Every organization has vital information that it must protect and must protect against any internal or external attack. We design and help implement intelligence strategies against threats, we put ourselves in the shoes of the attackers (criminal organizations, the competition, states, cyberterrorists or other actors), we identify their objectives, indicators of commitment and sources of information, with the objective to generate defence intelligence that allows us to detect such attacks before they happen.

Design of intelligence plans.

Their objective is to face the business and the security of the organization at a strategic, operational and tactical level, addressing aspects such as:

  • Update and review the organization’s strategic security plan.
  • Have the necessary information to respond to security and / or business needs.
  • Provide the organization with anticipation and reaction to threats.
  • Increase security and control in a competitive environment.
  • Facilitate decision making.

Success story

Adaptation to the National Security Framework (ENS) of the Llinars del Vallès City Council

With the help of NexTReT, Llinars del Vallès City Council was able to adapt to the National Security Scheme (ENS), experiencing a significant, tangible evolution with the implementation of the security controls carried out.