One of the main CCI's activities is the development of high quality research reports and strategic analysis studies. Although there are some free general available documents , most of them can only be purchased by the CCI Members who can annually subscribe to receive all the publications. However, they may be purchased individually at the price assigned that appears at the end of each document.
Reports and strategic analysis studies published:
SGCI Guide for the person in charge of building an Industrial Cybersecurity Management System
New SGCI Guide, with the collaboration of ISA Spanish Section, directed to the person responsible for building an Industrial Cybersecurity Management System. This guide has been prepared by a team of experts, and the review of multiple drafts by the CCI ecosystem over several years. This new guide incorporates some interesting aspects that have been compiled after more than a dozen workshops.
Requirements of the SGCI (Industrial Cybersecurity Management System)
Set of requirements of the SGCI (System of Management of Industrial Cybersecurity). This document also includes the requirements of the ISO 27001 standards (ISO 27002 controls) and IEC 62443. As well as the ITC maturity model.
Establishing Zones and Conduits according to IEC62443 (Collection notebooks CCI)
Notebook that aims to cover specific aspects of industrial cybersecurity in a didactic and practical way, based on the experience of professionals, as in this case, Javier F. Castillo, who has decided to share this document with the CCI ecosystem. In this document you can find how the areas and conduits for a specific scope should be established, in an orderly, didactic and practical way.
Actors of the Smart OT (Smart OT Series)
This document presents the current profiles in the domain of Intelligent Operating Technologies. The industrial ecosystem has been modified -from the perspective of its members-, favoring the appearance of new participants and altering the activities, and the way of approaching them, of the traditional ones. Hence, CCI has raised in this document to review the main actors that, in one way or another, are present in the new scenario of intelligent manufacturing
Study on the State of Industrial Cybersecurity in Colombia. Second edition
Report called "Study on Industrial Cybersecurity in Colombia" that offers a focused and complete information that is very important to know, to determine the level in which Colombia is with respect to cybersecurity. The general points evaluated in this study are those of Organization of Industrial Cybersecurity: Responsibility and Degree of Training; Industrial Cybersecurity Management: Risk Assessment, Incident Management and Planning; Technical Aspects of Industrial Cybersecurity: Network Connection, Remote Access, Use of Standards and Measurements; and Industrial Cybersecurity Market: Forecasting of New Activities, Requirements for New Projects, Hiring of Projects and Professional Certificates.
European Industrial Cybersecurity Regulatory Landscape
Document that offers the reader a guide that will allow you to know the most relevant regulatory frameworks of European countries, whether mandatory (legal) or voluntary-available to be applied to the industrial ecosystem, which is related to or can be related to cybersecurity in that scope. To this end, a number of countries have been analyzed: Belgium (BE), Germany (DE), Spain (ES), France (FR), Italy (IT), the Netherlands (NL), Portugal (PT), Romania ( RO), Turkey (TR) and United Kingdom (U K).
tate of cybersecurity in Spanish critical infrastructure operators
This study shows how cybersecurity is managed in six key sectors: Electric, Gas and Petroleum, Nuclear, Financial and Tax, Water and Transportation. The study addresses different aspects such as risk assessment, incident management, network connection or the main measures applied.
Development and deployment security of industrial software [4.0]
Document that offers the reader a guide that allows you to know the different scenarios where industrial software is developed and deployed, its characteristics and peculiarities, as well as the evolution in development methods and tools, with the intention that you can be aware of the need to incorporate cybersecurity as a fundamental part of software development.
Study on the state of industrial cybersecurity in France
Document that presents the results of the study made to managers of 22 France industrial companies. It provides an interpretation of them based on the knowledge and experience of its editors and the participants in the review process.
Study on the state of industrial cybersecurity in Peru
Document that presents the results of the study made to managers of 34 Peru industrial companies. It provides an interpretation of them based on the knowledge and experience of its editors and the participants in the review process.
Study on the state of industrial cybersecurity in Chile
Document that presents the results of the study made to managers of 34 Chile industrial companies. It provides an interpretation of them based on the knowledge and experience of its editors and the participants in the review process.
Study on the state of industrial cybersecurity in Argentina
Document that presents the results of the study made to managers of 35 Argentine industrial companies. It provides an interpretation of them based on the knowledge and experience of its editors and the participants in the review process.
Regulatory Map of Industrial Cyber Security in Spain
Document that allows to clearly identify the existing regulation and its scope. It compiles the general legal provisions that regulate the scope of the security that we want for our society in digital transformation and its industry, among which are European Union Directives, public policies, as well as general legal norm and relative to the industry of the European Union and Spain.
Benefits of Cybersecurity for Industrial Enterprises
This document developed by CCI, in collaboration with iTTi, provides a perspective on the enabling role of industrial cybersecurity for top management of organizations.
Pocket guide: Cybersecurity in the Industrial Automation Pyramid
This guide shows in a quick and visual way the main vulnerabilities that can exist in the 5 levels of the pyramid of industrial automation and the most recommended measures of protection.
State of Industrial Cyber Security in Spain, evolution and future
This third edition includes the results and conclusions of the study developed during the 2015/16 exercise, with the collaboration of CERTSI_. CERT of Security and Industry of the Ministry of the Interior through the CNPIC and the Ministry of Energy, Tourism and digital agenda through INCIBE.
Price: 250 €
Best Practices in Forensic Analysis in Automation and Control Systems
This document aims to provide a guide of good practices for forensic analysis of Industrial Computers, that it will help to present and future experts. It will be, therefore, a forensic analysis focused on automation and industrial control, as stated in its title..
Price: 350 €
Cybersecurity in Lifecycle of a Project Industrial Automation (Spanish Version)
This document presents the most effective activities to protect digital technologies used in the operation of an industrial plant, from the earliest stages of their life cycle I design, supply and installation / start-fly, incorporating, in each , measures and mechanisms of cybersecurity, along with the other requirements for functionality, quality and safety linked to operations.
Price: 350 €
Smart Cities before the security Challenge
Document that reviews the evolution of digital cities, to become smart cities we know now and again, cybersecurity problems that can be associated.
Practical Guide to Building a Management System Industrial Cybersecurity (Spanish Version)
This guide can cover the shortage of normative references dealing, in particular, the management of cybersecurity in automation and control systems industrial.En she developed new specific guidelines, and differentiated, for an effective, efficient and continuous treatment risks of availability, integrity and confidentiality of operations and information managed by these systems.
Price: 450 €
Prevention, Protection and Response 3 types of cyberattacks high impact (English version)
This document contains three types of cyberattacks on SCI (Industrial Control Systems) high-impact industrial organizations, and identifies what should be the priorities for the state, technology providers and own industrial organizations to improve prevention, defense and response to such cyberattacks.
Spain's Industrial Cybersecurity Roadmap (Spanish version)
The Spain's Industrial Cybersecurity Roadmap is an strategic document that will define the objectives to be achieved in the next five years to assure that Industrial Cybersecurity evolves in the right direction. It identifies as well the obstacles to overcome and the main related actors. The document defines the main milestones to achieve the objectives defined. It will be attached as well additional chapters in the form of Appendix to cover specific sectorial issues.
Price: Free Download
Document on Critical Infrastructure Protection and Industrial Cybersecurity (Spanish version)
The terms "critical infrastructure protection" and "industrial cybersecurity" are very often used as equivalent terms. However, there are significan differences between both concepts. This document is an analysis of the current situation of both concepts, a clarification on their meanings as well as the differences and common points.
Price: 250 €
Evaluation and Benchmarking Tool for Cybersecurity Services Suppliers (English version)
Has been designed to evaluate the cybersecurity maturity of the most relevant organizational functions of a typical service provider as well as the complexity and degree of compliance in the achievement of security objectives. The tool can be tailored to specific organizational needs, adding requirements not initially included or eliminating the non-relevant ones.
Price: 250 €
Study of the Spain's Industrial Cybersecurity Landscape (Spanish version)
This research study is based on the surveys passed to Spanish organizations on the organization of the industrial cybersecurity. This document contains a cyber threat map on industrial installations, their main trends in dealing with risk as well as the countermeasures most commonly applied. The study defines the evolution for the treatment and organization of industrial cybersecurity in Spain. It analyzes as well the main public and private initiatives on the topic.
Price: 350 €
The Industrial Cybersecurity Center and the Spain's National Cybersecurity Strategy (Spanish version)
This document develops and justifies the alignment, support and contribution from the CCI to the development of the baseline Strategy principles, as well as its main objectives. It includes a mapping between the National Cybersecurity Strategy with the actions to be taken and presented in the Industrial Cybersecurity Roadmap, 2013-2018.
Spain's Industrial Cybersecurity Roadmap (English Version)
The Spain's Industrial Cybersecurity Roadmap is a strategic document that will define for the next five years the objectives that must be approached to make industrial cybersecurity evolve in the appropriate way. It describes as well the obstacles to overcome and the actions to be executed by the involved parties. It will identify as well the milestones to achieve such objectives. The Roadmap will include attachments referring to specific sectors.
Impact of Non-Supported Software in Business (Spanish version)
This document presents the different software layers that we may find in the automation of an industrial process. It identifies its main features and the needs for each of them. It presents as well the main inhibitors for updating the operating systems as well as the enablers to update obsolete systems. In addition, this document includes the industry responses in relation to such elements.
Best Practices for Cybersecurity Diagnosis in Industrial Environments (English Version)
This document explains how to make a cybersecurity diagnosis in an industrial environment, identifying weak points and proposing actions to be taken. This document will allow to work on the methodology to be used; it includes as well an interview outline and a proposal of a Results Report.
Price: 250 €
Report on the Brazilian Critical Infrastructures Cybersecurity Situation (English version)
This report has counted with the representation of 51 Brazilian industrial companies. It offers valuable information about the technical situation of such organizations, and the management of Industrial Cybersecurity.
Price: 150 €
Guide for the Development of an Industrial Cybersecurity Management System. First Part (Spanish Version)
The Industrial Cybersecurity Center, aware of the need of an Industrial Cybersecurity Management Standard, has developed a document whose objective is to define a general framework. It develops as well all the methodology documents that complement and develop a general SGCI framework.
Price: 400 €
Industrial Cybersecurity Maturity Evaluation Tool (Spanish version)
The Industrial Cybersecurity Maturity Evaluation Tool has been designed with the objective that an industrial organization evaluates its maturity in relation to Cybersecurity in relation to eight process areas, that are divided into four maturity levels. The tool can be tailored to the needs of each organization to include objectives that were not initially considered, as well as to eliminate those that are not relevant.
Price: 300 €
Main players and initiatives in Spain's [Industrial] Cyber security landscape. 2015 (Spanish version)
The report includes the most relevant legal & regulatory sources on the matter. It lists the main agencies and institutions within the Spaniard Industrial Cybersecurity landscape (including public and private CERT's). And, finally, summarizes the most innovative R&D initiatives contributing to the development of Industrial Cybersecurity as a discipline.
Price: 300 €
Status of Industrial Cybersecurity landscape in Spain. 2015 edition (Spanish version)
An update of last year's report, it provides a comprehensive vision of Spain's Industrial Cybersecurity market, since the point of view of both, infrastructure operators and engineering firms/cybersecurity vendors. The report offers a comparation between 2013 and 2014 findings.
Price: 250 €