On-Premise vs Virtualized: The playing field of modern cybersecurity
19 de June de 2025
Cybersecurity has become an unavoidable priority for Public Administration. In recent years, municipalities, health services, and ministerial bodies have been the target of deliberate attacks aimed at paralyzing essential services, stealing sensitive data, or extorting public institutions. These are not generic threats but rather sophisticated offensives that test the digital resilience of the public sector every day. Is the administration truly prepared to face this new reality?
Cybersecurity in Public Administration: Attacks
Over the past three years, Spanish public administrations—particularly municipalities, regional health services, and ministerial environments—have repeatedly fallen victim to cyberattacks. These are not generic campaigns, but targeted, sustained attacks with very clear objectives: to cripple critical services, steal sensitive information, or demand ransom under threat.
Recent examples such as the attack on the Seville City Council, the ransomware incident in the Catalan health system, and data leaks in regional agencies demonstrate that public digital infrastructure is under constant scrutiny by malicious actors. Cybersecurity in public administration has become essential.
This situation is not unique to Spain. Public institutions across Europe have been tested, and the trend shows no sign of changing. Accelerated digitalization, total connectivity, and technological dependency have exposed an uncomfortable truth: the security of public services was not ready for the new threat landscape.
Cybersecurity in Public Administration: Risks
Cyberattacks on the administration do not just affect systems—they impact citizens, essential services, and institutional trust.
1. Exposure of Critical Assets
Many public administrations operate with legacy infrastructure using outdated operating systems, direct connectivity via insecure protocols (like RDP or Telnet), and lack intermediate protection layers to isolate or filter access to sensitive systems. This turns their networks into open fields for any attacker with time and patience.
2. Inefficient Access Management
In many cases, administrator credentials, maintenance technicians, or external vendors are poorly managed—shared, stored without control, lacking traceability, rotation, or oversight. This creates an ideal environment for privilege escalation and lateral movement.
3. Lack of Visibility and Traceability
Many administrations still lack robust systems to log, record, and audit access to their internal systems, making it impossible to reconstruct incidents in real-time or verify traceability. In critical environments, this is not just an operational failure—it’s a legal breach.
4. Non-Compliance with Regulations
With the implementation of the NIS2 directive, cybersecurity obligations for public administration have become more stringent. Essential assets must be identified, access protected, anomalies detected, activities audited, and incidents responded to swiftly. Non-compliance is not just a risk—it’s a regulatory violation.
Cybersecurity in Public Administration: there Is a Way to Fix It
The good news is that technologies exist to address these issues at the root, and they can be integrated into public environments without having to reinvent the entire ecosystem. Cosmikal has developed Endurance, a solution that directly addresses the most common vulnerabilities in public administration:
1. Secure Connections and Assets in a Shielded Work Environment
Endurance allows access to servers, PLCs, control panels, antennas, databases, and admin consoles without exposing them directly to the Internet or the user. Connection brokers and virtual desktops are used to encapsulate sessions.
What travels through the network? Only keyboard, mouse, video, and audio events. What does the user see? Only what they’re authorized to use. What is recorded? Everything.
Result: Assets are no longer exposed, even if the user connects from an insecure network or device.
2. No Changes Needed, But Everything Protected
One of Endurance’s key advantages is that it does not require changes to existing infrastructure. No need to migrate systems, change protocols, or install agents on each asset. Public administrations can keep their servers, consoles, or apps as they are—just access them via Endurance’s shielded environment.
Thanks to its architecture, access is not direct and does not expose the asset. Only keyboard, mouse, video, and audio events travel—so data never leaves the system and cannot be intercepted. The user works as usual, but within a secure, recorded, and controlled environment.
Result:
- Full protection without disrupting the environment.
- Fast deployment with no service interruption.
- Infrastructure isolated from insecure networks, compromised devices, or unauthorized access.
- And most importantly: there are no technical excuses not to deploy it. Any administration can secure its environment without rebuilding it from scratch.
3. Total Control Over Privileged Access
Endurance centralizes and automates privileged account management. No visible passwords, no passwords stored in documents, no unauthorized access, no unrecorded sessions. Every action is audited. Every session, recorded. If someone attempts abuse, real-time alerts are triggered.
Result: No more uncontrolled access. Full traceability is now a reality.
4. Compliance with Legal Frameworks (ENS and NIS2)
Endurance is aligned with the technical requirements of the National Security Framework (ENS) and supports compliance with the new NIS2 obligations:
- Strong authentication
- Principle of least privilege
- Access segmentation
- Auditing and monitoring of actions
- Encrypted storage of credentials
- Forensic recording of sessions
Result: Enables regulatory compliance with demonstrable technical guarantees in case of an audit.
5. Controlled Environments for Third Parties
A major challenge for public administration is managing access by external personnel (vendors, technicians, subcontractors) to sensitive systems. With Endurance, access is restricted to a controlled virtual environment, with no access to the internal network or physical resource, and with permissions defined by time, hour, IP, or role.
Result: The technician accesses the panel—but not the infrastructure. And you always know what they did, when, and how.
Conclusion: Protecting the Public Sector Is a Technical and Ethical Obligation
Cybersecurity in public administration is a critical necessity. Today, there are tools specifically designed to secure access, audit actions, and reduce the attack surface—without disrupting daily operations.
At Cosmikal, we don’t believe in magic solutions or fearmongering. But we do believe in facing problems head-on, understanding them with technical precision, and acting decisively. Because when a public service fails, we all suffer.
