Industrial Cybersecurity Observatory of Gipuzkoa

In the ZIUR industrial cybersecurity Observatory we observe and identify industrial cybersecurity threats, as well as existing tools to deal with them with the objective of supporting companies in Gipuzkoa in their management of existing risks. This represents a huge advantage for the industrial sector since it reduces the existing gap between the attacker/defender.

The Observatory has integrated capacities and resources for resolving, executing and managing the threats, vulnerabilities and specific risks affecting companies in Gipuzkoa.

Continuous monitoring

We monitor threats, vulnerabilities and risk situations

This entails a constant industrial cybersecurity threat, vulnerability and risk situation monitoring process by means of observing and comparing various different sources.

The purpose of the observatory process is to detect, prevent and disclose signs of specific threats, vulnerabilities and risks that Gipuzkoa's industry faces.

Technological Monitoring

We monitor available industrial cybersecurity solutions

The ZIUR Observatory also carries out technological monitoring of the industrial cybersecurity solutions that are available on the market

We collaborate with wholesalers, distributors and manufacturers of industrial cybersecurity technologies to gain profound insight into the functionalities and benefits of different solutions. Moreover, through the Laboratory we experiment with them for the purpose of providing suitable advice to companies.

This is how we can guarantee that Gipuzkoa's industrial companies can know about and understand the technological solutions at their disposal so that they can decide whether or not they want to use them effectively.

An Intelligence Cycle-based method

The Observatory uses a methodology based on the Intelligence Cycle; a process based on five pillars, which enables managing the information compilation and processing actions for the purpose of including such data in decision-taking.

A graphical depiction of the five stages of the intelligence cycle.

The Intelligence Cycle consists of five stages:

  1. Management & Planning:
    • Identification of Needs and Requirements
    • Action Planning
  2. Data Collection:
    • Establishing systems required to meet the requirements
    • Data collection
  3. Transformation:
    • Filtering collected data
    • Converting data into suitable formats
  4. Analysis and Production:
    • Information assessment and integration
    • Final recommendations
  5. Disclosure:
    • Distributing intelligence through the right channels
    • Feedback

How does it work?

The Observatory draws from a set of tools such as cybersecurity feeds, decoys, sensors, commitment indicators, trends, cyber-intelligence processes (Cyber Threat Intelligence) and the intelligence of various different sources

The Observatory also operates on international networks. We obtain top-level details on the situation at all times, as well as on the methods, predictions and other types of relevant information that would otherwise be difficult for companies in Gipuzkoa to obtain.

Companies can discover and understand the technological measures available to them so as to decide whether to incorporate them or not

Our technological surveillance process involves active collaboration with wholesalers, suppliers and manufacturers so as to create and provide models, proofs of concept or proofs of value. This collaboration offers us the required knowledge as well as analysis and testing procedures regarding the features of available technology.

All the compiled data provides insight into the risk situation and available solutions which ZIUR's technical department analyses so as to identify preventive company cybersecurity measures, strategies and actions. This data also allows us to identify potential research and experimental activities in the Industrial Cybersecurity Laboratory

Advantages of using an Industrial Cybersecurity Observatory

By applying the Observatory's processes, which not only include ZIUR's capacities but also third-party information, we’ll be able to understand the context of the threats which affect, or will affect, industry in Gipuzkoa. Our work is geared towards improving the prevention of cyber attacks and threats that companies in Gipuzkoa may face.

Having a complete understanding of the risk situations means we can identify new internal research approaches and, from a pragmatic perspective, create work groups to identify new approaches and trends which we will then review.

Identification risk situations faced by companies, understanding existing threats, the general state of cybersecurity in Industrial Control Systems (ICS) and the specifics of industrial networks. The monitoring process boosts ZIUR’s strategies and resources with the aim of tackling the prevention or mitigation of potential cyber attacks.

The observatory will provide companies in Gipuzkoa with relevant and up-to-date information regarding specific threats, vulnerabilities and risks affecting the industry. Accordingly they can anticipate risk management and will have a forward-looking view of present and future situations so as to be able to make informed decisions.

The Industrial Intelligence Observatory is considered a trusted source by Gipuzkoa's industry as the information provided is the result of an accurate and contrasted analysis process.

As a result of our efforts to fully understanding cybersecurity threats, ZIUR's strategies and resources (which are made available to companies in Gipuzkoa) are defined based on obtained proof and identified requirements.


  • Operation in national and international networks
  • Technological surveillance
  • Analysis of situation and tendencies
  • Analysis and dissemination of the generated data


  • Threats
  • Technologies
  • Regulations
  • Tendencies

We work with:

  • International relations
  • Specialist sources
  • Internal experimentation
  • Collaboration with wholesalers, distributors and manufacturers