AUTELSI Breakfast. Presentation of the study "Action procedure for security incidents requiring notification"

New security legislation is now being passed with breathtaking speed, forcing organizations to set up a slew of security measures to suit. The common denominator in many of these new regulations is the legal obligation on organizations to report any security incidents. Unfortunately, however, the specific conditions under which this reporting has to be done (When? How much? How often? Reporting to whom? In which format?) has not yet been clearly spelled out. Organizations hence harbor serious doubts about how exactly to meet this particular reporting obligation.

Mindful of this grey area, the Quality and Security Working Group of the Spanish Association of Information-Society and Telecommunications Users (Asociación Española de Usuarios de Telecomunicaciones y de la Sociedad de la Información: AUTELSI) has drawn up the study "Action procedure for security incidents requiring notification". GMV, as a member of the working group, has collaborated in the preparation and writing of this report, with Mariano J. Benito, CISO of GMV Secure e-Solutions, as the company’s group representative.

The study is to be presented on the upcoming 5 October at the GMV-sponsored breakfast to be held in the head office of Red.es. The breakfast will include representatives from companies like Spain’s national railway network, RENFE, CEPSA, the Ministry of Public Works, INCIBE, CCN, Garrigues and DIA, among others.

GMV has been collaborating with AUTELSI for some time now with the aim of helping AUTELSI to drive the information society in Spain, promoting within society in general and among users in particular the study and investigation of all matters directly or indirectly related to telecommunications services and the information society, and bringing all this information to wider notice in an objective way.