Eduardo Fernández-Medina Patón, director of the GSyA group (Security and Audit Group) located at the ESI at the UCLM, as a member of the RENIC Network (National Excellence Network for Cybersecurity Research), has been interviewed by the magazine SIC “Cybersecurity, information security and privacy”, a Spanish magazine created in 1992 specializing in information security and in the security of technological information and communication systems for use in organizations.

The Security and Audit Group (GSyA) together with the Alarcos Group, affiliated with the UCLM, have been working in various research lines on cybersecurity for more than 20 years.

His research is divided into two major blocks; the first, focused on incorporating security into software engineering processes and artifacts (databases and data warehouses, business processes, web systems, cloud computing, requirements engineering, big data, cyber-physical systems, etc.), and the second, related to security governance and risk management. In these research lines, 16 doctoral theses have been developed and numerous contributions have been achieved in relevant congresses and scientific journals in the context of security and software engineering.

Despite having participated in several proposals for European projects and having obtained good evaluations, financing has not been achieved in any case. However, throughout these years, 7 projects for regional calls and another 7 projects for national calls have been led and developed. Specifically, the development of the ECLIPSE national plan project (Enhancing Data Quality and Security for Improving Business Processes and Strategic Decisions in Cyber Physical Systems - RTI2018-094283-B-C31) is being completed. Project coordinated by us at the University of Castilla-La Mancha, together with the Universities of Alicante and Seville. The execution of the regional project GENESIS (Security Government of Big Data and Cyberphysical Systems - SBPLY-17-180501-000202) is also being finalized.

Some recommendations for improving cybersecurity research advances in universities and research centers:

1°) Sufficient and stable financing over time is necessary, to avoid situations such as those suffered a few years ago in which much of what was gained after long years of research was lost, because specialized personnel could not be maintained.

2°) It is necessary for a demanding but attractive academic career to exist, capable of attracting and retaining young talent, and that also incentivizes and motivates senior researchers.

3°) Greater integration and understanding between industry and University is necessary, so that on one hand there is greater recognition and valuation of research activities and researchers by the industry, and on the other hand, the University focuses on developing solutions demanded by Society and the industry itself."