The CCN-CERT has traditionally collaborated and collaborates in several SOCs of different sizes, at the level of Ministries, Provincial Councils/Town Halls or Local Entities, recently accruing Essential Services Operators.

Start-up of a SOC

Security Operations Centers

These SOCs provide the entity with capabilities in terms of prevention (expanding knowledge regarding their vulnerabilities, both technical and human, to reduce the exposure surface), protection (applying blocking measures, at different points of the infrastructure, to prevent or limit cyberattacks), detection (observing everything that happens in the entity to look for existing threats and use cases) and response (acting in the event of cyber incidents to minimise the impact on the entity). As well as security management capability, establishing the course of the rest of the capabilities, to carry out proper Governance.

Capabilities of a SOC

In this dynamic, the need arose to create a tool to interconnect the SOCs so that any suspicious attempted cyberattack could be stopped in its tracks immediately, even before determining whether it was an actual attack or not: the National Network of SOCs.

About the RNS









If among all the SOCs we share information on tactics, techniques, and procedures of new threats, we will improve the capabilities of protecting to potential cyber incidents.

Accession application
By being part of the RNS, accessioned entities will have real-time access to information on cybersecurity threats that allow for the detection and early warning of potential incidents.