The National Security Scheme (ENS) was initially regulated by Royal Decree 3/2010, updated by Royal Decree 951/2015, and has recently been replaced by RD 311/2022, with a transition period in which both models will coexist.
In its current definition, the ENS is made up of the basic principles and minimum requirements necessary for adequate protection of the information processed and the services provided by the entities within its scope of application, which covers the entire public sector, in the terms defined in Law 40/2015.
Expressly, the law also contemplates its application to the information systems of private sector entities that provide services or solutions to public sector entities. The specifications must include all those requirements necessary to ensure compliance with the ENS, for all contracts in which the services provided by contractors are based, even extending it to the supply chain.
LEET Security is accredited by ENAC according to the standard UNE-EN ISO/IEC 17065:2012, for certifing conformity with ENS, recognizing the technical competence of our professionals and our total independency and impartiality, as an Agency with an only specialty since 2015 carrying out security level assessments.
For these reasons, LEET Security rating scheme includes from the beginning all ENS requirements with corresponding levels of both, making that our assessment process was unique in efficiency, allowing to obtain a doble outcome: the rating following LEET Security standard plus the Conformity Certification with ENS.
Services assessed in this way show compliance with both the requirements of private organizations that are using LEET Security rating for Vendor Risk Management, as those from the Public Adminsitrations that must by compliant with ENS.
LEET Security is the first cybersecurity rating agency in Spain, having developed a rigorous and exhaustive efficient rating methodology that includes main national and international standards. Furthermore, the rating methodology has been recognized by INCIBE and ENISA.