jtsec, a company made up of a team of well-known professionals from the IT security certification sector, has become the first laboratory accredited by ENAC and CCN to evaluate the security of ICT products according to the LINCE methodology, the National Essential Security Certification scheme, developed by the National Cryptologic Centre (CCN) and whose objective is to provide more assurance for cybersecurity certification in Spain.
Founded less than two years ago by José Ruiz and Javier Tallón, jtsec was born with the idea of offering training, testing and consulting services in security evaluation and certification following the most recognized standards in the market (Common Criteria, FIPS 140-2, SOC2, PCI...).
After having worked with national and international industry giants helping to improve their products and processes, jtsec reaches a new milestone by obtaining technical recognition from CCN and ENAC for the setting up of this new evaluation service.
The new laboratory, located in the beautiful city of Granada, is in heavy expansion process, and already has a staff of 10 cybersecurity evaluators, ready to perform LINCE tests.
The LINCE certification and evaluation methodology makes it possible to evaluate the capacity of an ICT product to treat information on a secure basis. This certification is one of the ways for these products to be included in the ICT Security Product Catalogue (CPSTIC), which regulates the acquisition of IT products in the Spanish administration. With LINCE, the products will be recognized as suitable for systems that must comply with the National Security Scheme (ENS).
Accreditation of this activity by ENAC (the spanish national accreditation entity) also provides an added guarantee that a product has been evaluated by a technically competent laboratory, offering an additional level of customer confidence.
The LINCE methodology, based on the Common Criteria principles (the internationally recognized standard for assessing the security functions and confidence level of an IT product), was created by the CCN for products that require a medium or low level of security. The objective of LINCE is to pay attention to the critical aspects of each product and to give more weight to the specific and practical tests that counter real threats than to the exhaustive functionality tests that Common Criteria requires for products that require a high level of cybersecurity, thus helping to reduce the duration and efforts involved in the evaluation process and, therefore, the costs for manufacturers, who can bear the burden themselves of preparing the documentation and all that is necessary to start the evaluation process.
jtsec thus demonstrates its potential and its position as a leader in the cybersecurity certification market, a market that will undoubtedly have a lot to say in the coming years with the advancement of the new European regulations.
If you want to certify your product, do not hesitate to contact jtsec experts in lab [at] jtsec.es.
