Faced with this scenario of growing threat, Cipher-cybersecurity division of the Prosegur Group-has strengthened its offer through a strategic alliance with ECIJA, a firm specialising in digital law, privacy and compliance. Together, both companies combine technical capabilities and legal advice to meet the requirements of the NIS2 Directive, whose deadline for transposition into Spanish law expired on 17 October 2024, although the corresponding national regulation has not yet been approved.
Essential sectors, such as transport, the financial and tax system, and ICTs, were the most affected, with 341 incidents that demonstrate the vulnerability of critical areas for the economy and society. The NIS2 obliges all entities to increase caution in data management, improve their security systems, adopt adequate organisational and technical measures, and promptly report any incident. Although Spain has not formally completed transposition, many regulators already require information on the state of information security maturity, prompting organisations to anticipate regulatory requirements.
Cipher brings more than two decades of experience in critical infrastructure protection and has proprietary technology solutions such as xMDR (Extended Detection and Response) and Security Observatory for advanced threat detection and continuous monitoring. In addition, its SPIP (Security Posture Improvement Plan) combines the work of cybersecurity architects and ethical hackers to detect vulnerabilities and generate security plans that optimise time and costs. With international certifications such as PCI QSA, ISO 27001 and ISO 20000, Cipher offers a tailored approach according to the criticality of each client's assets.
For its part, ECIJA assumes legal and compliance responsibilities, performing compliance gap analysis, developing internal policies and procedures, adapting contracts and training senior management. It also prepares organisations for audits and manages possible sanctioning procedures. Thanks to this collaboration, companies have a "turnkey" service that covers everything from technical implementation to legal coverage for NIS2, DORA and the National Security Scheme, allowing them to efficiently face one of the greatest regulatory challenges of the last decade in terms of cybersecurity.
