Ayesa opens the largest SOC in the Basque Country at the Donostia Campus, based on Artificial Intelligence and Quantum Computing technologies

The new Security Operations Centre will foster collaboration, innovation and continuous learning “so that its professionals can face any challenge that may arise”.

Ayesa’s cybersecurity unit now has more than 200 employees and a turnover of 20 million euros.

Ayesa, a global provider of technology and engineering services, has inaugurated its main Security Operations Centre, which will also be the largest in the Basque Country. This new SOC is located at the company’s headquarters on the Donostia Campus of the Basque Country Technology Park, and will provide 24×7 service at an international level to cover its customers around the world.

Ayesa’s Cybersecurity Unit has more than 200 professionals working for more than 200 clients, reaching a turnover of 20 million euros. The opening of this new SOC means the closure of the previous main cybersecurity centre that Ayesa had in Mendaro, which is now expanded and equipped with new capabilities.

This SOC will not only be a monitoring and response centre, but also a place where collaboration, innovation and continuous learning will be fostered. “We are investing in cutting-edge technology, such as Artificial Intelligence or Quantum Computing, to train our team and ensure that we are prepared to face any challenge that may arise,” says Álvaro Fraile, Ayesa’s cybersecurity director.

“This SOC represents more than a physical space. It is a cyber security strategy and defence in depth. In a world where cyber threats are constantly evolving, it is crucial that we stay one step ahead to protect our assets, data and our customers’ trust,” he explains.

Critical infrastructure

One of the strengths of this SOC is its ability to protect IT and OT environments present in the critical infrastructures of different sectors and facilities: water treatment, railway/metro, traffic control, electricity generation and distribution, chemical plants, refineries, manufacturing, food, pharmaceuticals, gas distribution, airports, prisons, smart cities, etc; “lesser known environments in terms of cybersecurity in which Ayesa has accumulated a lot of knowledge in all these years of experience”.

Thus, as an industrial cybersecurity SOC, “it monitors, detects and responds to specific threats that could affect the security and integrity of these critical systems, such as intrusions, targeted malware, security breaches, and other events that could have an impact on production or physical security”, adds the executive. This type of SOC requires personnel with expertise in both information technology (IT) security and industrial control systems (ICS) to understand the complexities of protecting these critical environments.

Álvaro Fraile also points out that this centre “is an attraction for attracting and retaining talent in cybersecurity in line with the education and training of young people who are going to enter the workplace in a discipline as promising as this one. Our Junior University focuses on this aspect, identifying new professionals, training them, mentoring them and offering them a future professional career within our territory. In short, this SOC represents our continued commitment to safety and excellence”.

Multi-service orientation

Ayesa’s new SOC will monitor and manage the security activities of its customers, detecting, analysing and responding to cyber security threats in real time. Thus, among its main functions are:

1. Security monitoring: Continuous supervision of the network, systems and applications in search of suspicious or malicious activities.
2. Threat detection: Identification and analysis of potential security threats, such as intrusions, malware or anomalous activities.
3. Incident response: Actions to contain, mitigate and remediate cyber security incidents in real time.
4. Vulnerability scanning: Assessment of systems and applications for weaknesses that could be exploited by attackers.
5. Forensic investigation: Collection and analysis of digital evidence to understand the nature and extent of security incidents.
6. Security Event Management (SIEM): Implementation and maintenance of security information and event management systems to collect, correlate and analyse security data.
7. Security policy and procedure development: Development and review of policies, procedures and best practices to improve the organisation’s security posture.