Ayesa opens a new SOC in San Sebastián based on AI and quantum computing

The new Security Operations Centre, the biggest in the Basque Country, will foster collaboration, innovation and continuous learning so that staff are able to effectively respond to any challenge they face.

Ayesa’s cybersecurity unit currently has more than 200 members of staff and generates EUR 20 million in annual turnover.

Ayesa, a global provider of technology and engineering services, has just opened a new Security Operations Centre in San Sebastían, now the largest in the Basque Country. Housed at the company’s headquarters on the Miramón Technology Park, it will provide its clients around the world with services 24 hours a day, 7 days a week.

Ayesa’s cybersecurity unit has more than 200 members of of staff staff, works with more than 200 clients and generates EUR 20 million in annual turnover. The facility will replace Ayesa’s main cybersecurity centre in Mendaro, increasing its size and giving it new capabilities.

As such, not only will it provide monitoring and response services but also foster collaboration, innovation and continuous learning. ‘We are investing in cutting-edge technology, such as AI and quantum computing to ensure our team have everything they need to provide outstanding services and tackle any challenges they face’, explains Álvaro Fraile, Director of Cybersecurity at Ayesa.

‘This SOC is more than just a physical space. It represents a carefully thought-out cybersecurity and defence strategy. In a world where cyber threats are constantly changing, it it is crucial we stay one step ahead if we are to protect our assets and data as well as ensure our clients continue to place their trust in us’, he goes on to note.

Critical infrastructure

The Director of Cybersecurity adds: ‘One of the particular strengths of this SOC is its ability to protect IT and OT environments involving critical infrastructure used by different sectors’. This includes water treatment plants, railway and metro systems, traffic control systems, electrical generation and distribution facilities, chemical plants, refineries, factories, food production facilities, pharmaceutical plants, gas distribution networks, airports, prisons and smart cities, to give just a few examples. These are areas in which Ayesa has extensive experience and expertise.

As such, our SOC ‘monitors, detects and responds to specific threats that affect the security and integrity of these critical systems, such as intrusions, targeted malware, security breaches and other events with the potential to impact upon operations and physical security’. These types of SOC require staff with experience in IT security as well as industrial control systems (ICS) who understand the complexities involved in protecting critical environments.

Álvaro also notes: ‘The new SOC is based on a strategy aimed at attracting and retaining talent in cybersecurity, something that involves providing young staff with the training they need to thrive in this promising field. Our Junior University scheme places particular emphasis on this, i.e. identifying new professionals, training them, mentoring them and offering them a bright future in this area. To sum up, the new SOC is a reflection of our unfaltering commitment to security and excellence’.

A multi-service strategy

Ayesa’s new SOC monitors and manages the security of its clients, detecting, analysing and responding to cybersecurity threats in real time. Its main areas of work include:

1. Security monitoring: this involves constantly monitoring networks, systems and applications to identify suspicious or malicious activity.
2. Threat detection: this means identifying and analysing potential security threats, such as intrusions, malware and unusual activity.
3. Incident response: this includes containing, mitigating and putting into place solutions to cybersecurity incidents in real time.
4. Vulnerability assessment: this involves identifying weaknesses in systems and applications that could be exploited by adversaries.
5. Forensic analysis: this means compiling and analysing digital evidence for the purpose of understanding the nature and scope of security breaches.
6. Security information and event management (SIEM): this sees us implement and maintain security information and event management systems in order to compile, correlate and analyse security data.
7. Security policies and procedures: this involves creating and reviewing policies, procedures and best practices with the aim of optimising an organisation’s approach to cybersecurity.