• Print

Protection and prevention

Apart from cybersecurity governance, within the Government of Catalonia, CESICAT carries out protection activities against cyberthreats and security incidents and prevention in terms of cybersecurity from an organisational, technological and regulatory point of view. It also ensures the resilience of ICT assets and infrastructures as a mechanism for guaranteeing robustness against cyberattacks and cushion their effects.


The protection function within the Government of Catalonia takes place basically through providing services for the detection and mitigation of cyberthreats; management and response in the case of cybersecurity incidents; cybersecurity analysis of infrastructures, services and solutions; intelligence concerning cyberthreats, and investigations of security incidents and cyberthreats.


Prevention activities are essential to ensure the sustainability of a protection model against threats and cyberattacks based on maturity and not on reaction as the sole response mechanism. In this respect, CESICAT carries out a preventive function in many areas, such as secure design in the development of solutions and services for the Government of Catalonia; assessment of the level of cybersecurity of Government of Catalonia ICT providers; digital identity management, and analysis of the risk deriving from a cyberthreat.

At the same time, in terms of prevention, it must also include all aspects relating to compliance with rules and regulations, whether this concerns the Government of Catalonia’s own regulatory framework or the applicable European standards, laws, regulations or directives. In this sense, auditing is essential to ensure the level of compliance and limit the risk resulting from non-compliance.


When we speak of resilience in the context of cybersecurity, we refer to the capacity of assets to withstand and recover from disasters or service failures. For this reason, CESICAT devotes part of its effort and capacity to determining the level of resistance in contingency situations caused by cyberattacks. It does this by carrying out disaster simulations and recovery tests and by establishing contingency plans and operational plans for particular situations.