The CCN-CERT is the Information Security Incident Response Capacity of the National Cryptologic Center (CCN) attached to the National Intelligence Center (CNI). This service was created in 2006 as a Spanish National Governmental CERT and its functions are included in Law 11/2002 regulating the CNI, RD 421/2004 regulating the CCN and RD 3/2010, of 8 January, regulating the National Security Scheme (ENS), modified by RD 951/2015 of 23 October.
Therefore, its mission is to contribute to the improvement of Spanish cybersecurity by being the national alert and response centre which cooperates and helps to respond quickly and efficiently to cyber-attacks and to actively confront cyber-threats. This mission includes the coordination at the state public level of the different Incident Response Capacities or existing Cybersecurity Operations Centres.
All this, with the ultimate aim of achieving a more secure and reliable cyberspace, preserving classified information (as stated in Article 4.F of Law 11/2002) and sensitive information, defending the Spanish Technological Heritage, training expert personnel, applying security policies and procedures and using and developing the most appropriate technologies for this purpose.
In accordance with these regulations and Law 40/2015 of the Public Sector Legal System, the CCN-CERT is responsible for the management of cyber-incidents affecting any public body or company. In the case of critical public sector operators, the management of cyber-incidents will be carried out by the CCN-CERT in coordination with the CNPIC.