Morocco is preparing to take a new step in strengthening its digital resilience. The Minister Delegate in charge of the Digital Transition and Administrative Reform, Amal El Fallah Seghrouchniannounced the upcoming establishment of a Cybersecurity Operations Center (Security Operations Center – SOC), in permanent coordination with the General Directorate of Information Systems Security (DGSSI). The mission of this center will be to ensure continuous monitoring of security events linked to the administration’s sensitive systems and platforms. It will be responsible for centralizing and analyzing security logs from servers, applications and network equipment, in order to detect intrusion attempts early, accelerate response to incidents and facilitate technical investigations to trace computer attacks. According to the minister, this system will also make it possible to strengthen coordination with the competent national authorities, in particular the Center for Monitoring, Detection and Response to Computer Attacks.
In his response to a written question from Idriss Sentissi, president of the haraki group at the House of RepresentativesAmal El Fallah Seghrouchni reaffirmed her department’s commitment to strengthening the cybersecurity and to protect information systems in accordance with legal provisions and national guidelines in force.
The strategy adopted by the ministry is therefore based on three main axes. The first concerns the strengthening of preventive measures and precaution. It provides in particular for the fixing vulnerabilities digital platforms of the ministry with the support of a specialized national design office, the infrastructure compliance with national directives, the implementation of a risk management policy and the integration of cybersecurity requirements during the acquisition or development of any new information system.
In this context, the ministry also relies on advanced protection mechanisms, such as next generation firewalls, intrusion detection and prevention systems, as well as intrusion tests and periodic technical audits intended to assess the resistance of systems to cyberattacks.
The second axis is devoted to the digital governance. It aims to strengthen the role of those responsible for information systems security within public establishments, to monitor digital security action plans and to produce periodic reports on the risks incurred.
Finally, the third pillar concerns the awareness and training. In coordination with the DGSSI and specialized centers, the ministry organizes awareness campaigns for civil servants, integrates cybersecurity into continuing training programs and disseminates simplified guides on good practices in the secure use of email and digital tools.
Through this three-part plan, the government intends to consolidate the protection of its digital ecosystem and adopt a more proactive approach to the rise in cyber risks, in a context of increasing digitalization of public services and increasing threats to sensitive infrastructure.
