What is CERTSI

The Computer Emergency Response Team for Security and Industry (CERTSI) is the Response Capacity to Information Security Incidents within the Ministry of Energy, Tourism and Digital Agenda and the Ministry of Home Affairs. By common accord with the National Council for Cybersecurity from 29 May 2015, CERTSI is the National CERT responsible for the prevention and mitigation of, and the response to, cyber-incidents in the corporate, citizen and critical infrastructure operator spheres.

Technically operated by INCIBE and under the coordination of CNPIC and INCIBE, CERTSI was founded in 2012 through a Framework Agreement for Collaboration in the area of Cybersecurity between the State Secretariat for Security and the State Secretariat for Telecommunications and the Information Society. Currently, it is regulated by the Agreement of 21 October 2015, signed by both State Secretariats.

The operators of critical infrastructure, whether public or private, so designated by virtue of the application of Law 8/2011, have in CERTSI a point of reference for the technical resolution of cybersecurity incidents that may affect the provision of essential services, in accordance with that established in the Resolution of 8 September 2015 (published in the Official State Gazette (BOE) on 18 September), of the State Secretariat for Security, approving the new minimum contents of the Operator Security Plans and the Specific Protection Plans.