The Municipality of Hersonissos, as a local authority organization, processes, on a daily basis ,electronic personal data, while at the same time providing a number of electronic services and procedures, through the existing information systems, as well as through the online applications of the Public Administration.
The Municipal Authority, like any other municipal authority, makes the necessary arrangements mainly to ensure the electronic services and procedures of the Municipality, at every stage of their implemantation, using cyber security techniques and tools.
The Municipality of Hersonissos has as a priority the development of a stronger action in the field of cyber security, aiming at the raise of citizens’ trust in the digital tools and services.
According to the mayor,Mr Ioannis Segos,Hersonissos is the first Municipality in Greece that received the ISO 27001 certification, in full harmony with the new strategy of the European Commission, which emphasizes the importance of adopting and implementing appropriate security frameworks and best practices, such as the ISO 27001 standard.
The Practices concern the guarantees and measures deemed necessary to protect systems, information and their users.
According to the ISO standards, the Municipality now complies with the relevant GDPR legislation which provides for financial sanctions (eg Personal Data Act), can also reduce security incidents, secure goods and its assets from degradation, loss, damage, theft or indemnity, may ensure the prompt response concerning the restoration and operation of the organization in the event of large-scale disaster and can be significant alert regarding the national cybersecurity plan in relation to relevant bodies.
Furthermore, the Municipality of Hersonissos,in order to ensure the proper and safe operation of the information systems, set up a Cyber Security System, providing a consolidated picture concerning the security status of the Municipality network, from multiple and heterogeneous forms of monitoring.
The autonomous Cybersecurity system:
- Collects the security logs from every device interacting with the network,
- Extracts the necessary information,
- Combines and exports results of the network status in real time,
- Reacts in case of detection of a malicious action based on predefined actions.
The goal is to build an open and safer cyberspace, especially in the new era, where the digital practices now dominate, as evidenced by the health crisis that our world is going through.