Cyber attacks on Spanish universities have become a serious danger

More than 60% of Ibero-American universities have suffered cyberattacks in the last year

Higher education has become one of the sectors most vulnerable to digital threats. According to a recent report published by MetaRed in collaboration with Banco Santander and SEGIB, 60.71% of Ibero-American universities have experienced cyberincidents in the last 12 months.

In the case of Spain, the situation is particularly worrying: 67.86% of universities has registered at least one incident, and many of them do not have a consolidated cybersecurity strategy or a specific budget allocated. This not only affects data and administrative operations, but also the integrity of teaching, evaluation and research processes.

‍

University cybersecurity in numbers

• Average of 15.9 cyber incidents per university in one year.
• Only the 4.1% has an exclusive budget for cybersecurity.
• More than 57% of universities have difficulty hiring specialized talent.
• Only the 50% has defined a clear institutional strategy.

These figures show a clear need for secure digital transformation in the university environment. In addition, they reflect a structural deficiency that compromises academic continuity, the protection of intellectual property and the security of the data of thousands of students, teachers and researchers.

‍

A real risk with an impact on training and research

The massive use of personal devices, open Wi-Fi networks, collaborative platforms and sensitive data management systems make universities priority objectives for cybercriminals. Attacks not only target personal or economic information, but also scientific research data, patents under development, or high-value academic results.

According to data from the Catalan Cybersecurity Agency, two out of three cyberincidents in the Catalan public sector affect universities (El País, 2025). This proportion is alarming considering that the human and technical resources available in many institutions are limited. In this context, it is not enough to react: it is urgent to anticipate.

‍

Keys to strengthening university cybersecurity

Immediate recommendations for principals, CIOs and ICT managers:

1. Define an institutional cybersecurity strategy with clear objectives and specific budgetary allocation.
2. Implement basic protection measures, such as multi-factor authentication, data encryption, network segmentation and access control.
3. Promote the training of the entire university community: students, teaching staff and researchers must be aligned in cyberhygiene protocols.
4. Regularly audit and update systems to detect vulnerabilities before they can be exploited.
5. Collaborate with specialized agencies, such as MetaRed, INCIBE or regional cybersecurity agencies, which offer support, training and resources adapted to the educational context.

In addition, it is advisable to participate in threat information exchange networks (academic ISACs), carry out crisis simulations and develop specific business continuity plans for the university environment.

‍

Conclusion: Protecting knowledge is also a digital priority

The university is a critical node in the digital society. It protects talent, generates knowledge and manages millions of sensitive data. Leaving it exposed to digital risk is not an option. A cybersecure university is a university that protects its present and guarantees its future.

‍

✅ Take action today!

At Apolo Cybersecurity, we help educational institutions to create comprehensive digital protection, training and incident response strategies.

🔒 Find out how Apolo Cybersecurity can help universities with a free consultation by requesting it in the following email: info@apolocybersecurity.com.