Significant Evolution and Transformations in the National Cybersecurity Landscape with the CPSTIC as a Fundamental Pillar
Two year ago, just before FEINDEF 2023, we published an article on the outlook of Spain's cybersecurity from the IT product security perspective. Two years later, as Spain prepares to host FEINDEF 2025, the International Defence and Security Exhibition, the nation's cybersecurity landscape has undergone significant transformations. Central to this evolution is the CPSTIC (Catalogue of ICT Security Products and Services), which has matured into a cornerstone of Spain's national security strategy.
2024 was a good year in terms of the number of certifications, being the third year with the highest number of certifications in history. A total of 382 certifications were completed. This means that the number of certificates has experienced a large decrease (88 less than 2023), the year in which all the records were broken.
A few weeks ago, we said goodbye to 2024 and welcomed 2025, which has kicked off with remarkable energy, inspiring us with optimism and enthusiasm for the journey ahead. Looking back on the past year, we’ve seen remarkable progress with LINCE methodology and a substantial increase in the solutions featured in the CPSTIC / CCN-STIC 105 catalog. With that in mind, we’d like to share a brief overview of our modest contributions to these achievements.
jtsec, an Applus+ company, has expanded its services by obtaining ISO 17025 accreditation from ENAC to evaluate cryptologic products under the Methodology for the Evaluation of Cryptographic Mechanisms (MEMeC) methodology. jtsec also participated in developing this methodology, closely collaborating with the CCN (National Cryptologic Center). With this achievement, jtsec becomes the first company prepared to provide this innovative service.
In early November, the largest international event related to the Common Criteria scheme was held in Doha, Qatar. The ICCC24 (International Common Criteria Conference) once again hosted top-tier speakers, exhibitors, laboratories, manufacturers, and experts, who discussed a variety of topics related to standardization, new cybersecurity schemes, new uses of Common Criteria, and more.
In 2024, as we have been doing since 2022 in collaboration with Applus+ Laboratories, in addition to delivering talks, we were also sponsors. This allowed us to have much more interaction with attendees and share our services at our stand.
