The Ministry of Industry is training some 50 small and medium-sized enterprises so they can provide cybersecurity services to the business community in Navarre

The Department of Industry, Ecological Transition, and Digital Transformation, along with the public entity European Business and Innovation Center of Navarra (CEIN), have conducted a consulting project aimed at enabling cybersecurity service providers to develop the capabilities needed to offer cybersecurity services to small and medium-sized enterprises.

Nearly fifty companies have participated in this specialized consulting program, which has explored topics such as contingency plans and backup centers, regulatory certification, technical audits, legal compliance, professional certification, cloud security, and the implementation of solutions in cybersecurity, cyber resilience, and industrial cybersecurity.

In addition to the department and CEIN, the Navarra Security Center and the ATANA cluster have collaborated on the design of this cybersecurity capacity-building initiative. The aim has been to increase the number of companies capable of offering services in this highly complex sector, which is constantly evolving. This need for professionalization in the training of cybersecurity service providers was identified during the analysis conducted prior to drafting the cybersecurity white paper. At that time, a gap was identified between the services that suppliers can offer and the needs of the market. This consulting project fulfills the fundamental objective of equipping Navarre’s cybersecurity companies with the skills and information necessary to identify, develop, and offer a comprehensive range of services precisely tailored to current market demands.

Garbiñe Basterra, Director General of Energy and Digital Transition, Business R&D&I, and Entrepreneurship for the Government of Navarre, had the opportunity to greet attendees at the start of the program, emphasizing that “the digital transformation of our industry and public administration requires trust, and that trust is called cybersecurity.” In this regard, she noted the need to establish a public-private partnership through grants to promote digital businesses. “We are at your disposal to gather your feedback on cybersecurity issues, as well as to listen to any proposals you may have and take them into account in the next call for grants,” she stated.

The sessions

The consulting project consisted of nine thematic sessions, each lasting three hours, focused on developing the services outlined in the Cybersecurity White Paper. Among other topics, the sessions addressed market adaptation—including the identification and analysis of specific needs—compliance and risk management—facilitating regulatory compliance—and innovation in service offerings, with services aligned with international standards.

Given the nature and scope of this "Cybersecurity Capabilities Consulting" project (focused on defining the strategy and service portfolio), participation was intended for key decision-makers within the company.