The National Cybersecurity Strategy, approved on April 30, 2019, develops the forecasts of the 2017 National Security Strategy in the area of cybersecurity. Considering the general purposes, the objective of the scope and the lines of action established to achieve it, the document is structured in five chapters:
- Cyberspace, beyond a common global space, which provides an overview of the scope of cybersecurity, the progress made in this area since the adoption of the 2013 Strategy, the reasons which support the development of the 2019 National Cybersecurity Strategy, as well as the main features which drive its development.
- The threats and challenges in cyberspace, it determines the main threats to cyberspace which derive from its status as a common global space, the high level of technology and the great connectivity that makes it possible to amplify the impact of any attack. It classifies these threats and challenges into two categories: on the one hand, those which threaten assets that are part of cyberspace; and on the other hand, those that use cyberspace as a means for malicious and illicit activities of all kinds.
- Purpose, principles and objectives for cybersecurity, it applies the guiding principles of National Security Strategy 2017 (Unity of Action, Anticipation, Efficiency and Resilience) to five specific objectives.
- Lines of action and measures, where seven lines of action are established and the measures for the development of each of them identified.
- Cybersecurity in the National Security System, it defines the organic architecture of cybersecurity. Under the direction of the President of the Government, the structure is composed of three organs: the National Security Council, as the Government's Delegate Commission for National Security; the National Cybersecurity Council, which supports the National Security Council and assists the President of the Government in the direction and coordination of national security policy in the area of cybersecurity, and fosters relations of coordination, collaboration and cooperation between public administrations and between these and the private sector, and the Situation Committee which, with the support of the National Security Department, will support the management of crisis situations in any area which, due to their transversality or dimension, exceed the response capacities of the usual mechanisms.