Spain has reported an 80% decline in cybersecurity incidents between 2020 and 2023, according to a study by technology company Pandora FMS, based on historical data from Incibe, the National Cybersecurity Institute.
In 2020, some 1,190 cyber attacks and other cyber incidents were reported, compared to 237 last year, the data showed.
The financial and transportation sectors each accounted for a quarter (25%) of the cybersecurity incidents reported in 2023, while the energy sector accounted for 22% and water for 4%.
The IT and communications sector, which is included in Incibe’s data for the first time, accounted for 18.3% of the incidents managed in 2023.
Lack of investment
“The percentage decrease is good news, but Spain continues to lack IT talent and investment in cybersecurity,” commented Sancho Lerena, CEO of Pandora FMS. “The downward trend in the number of incidents in strategic operators does not mean that there is less risk or that the attacks have been weaker.”
The decline in cyber attacks has been steady over the years – from 1,190 in 2020, in 2021, the number was reduced to 680, while in 2022, it fell to 546, before landing at 237 last year.
Significant cyber attacks
Last year witnessed significant cyber attacks targeting both public and private institutions in Spain, with such incidents tending to escalate during periods of geopolitical tensions.
Examples include the breaches at Hospital Clínic of Barcelona, Air Europa, and the Seville City Council, while more recently, there was a breach compromising the security of health data belonging to the State Security Forces and Corps. It is anticipated that cyber attacks of this nature will persist to varying degrees in the future.
“It is a new avenue of crime, which is why we need to train more specialists and continue investing in more cybersecurity and protection,” Lerena added.
