Applied Sciences (Dec 2024)
A Country Risk Assessment from the Perspective of Cybersecurity in Local Entities
Abstract
The number of vulnerabilities identified annually has increased substantially, thereby raising the risks associated with online services. The implementation of cybersecurity management measures in accordance with the European NIS2 Directive is optional at the local authority level. This study analyzes the external perimeter of nearly 7000 municipalities and proposes a simplified security framework that provides a comprehensive view of security across regions. A complete data set was assembled on the Technological and Competence profiles of all municipalities in Spain over a two-year period. The data were gathered from the external perimeter in relation to security, availability and SEO posture areas. A survey was conducted to determine the level of concern among citizens regarding cybersecurity issues in online municipal services, with 188 respondents. Some regions were identified as exhibiting particularly high and homogeneous levels of security. In contrast, other regions were found to be below the expected level. The presence of supra-local entities, such as the “Diputaciones”, has been demonstrated to facilitate the harmonization of regional security, while simultaneously reducing technological fragmentation and operational expenditure.
Keywords
