The Spain-Italy Cybersecurity Forum 2025 brought together leading organizations and experts from both countries to analyze the current threat landscape, establish joint defense strategies and design the future of European cooperation in cybersecurity. With the participation of institutions such as INCIBE, ACN, ENISA, ECCC and the Catalan Cybersecurity Agency, the event provided a comprehensive view of the challenges and opportunities that define digital security in southern Europe and its projection towards the global market.

The current scenario: Spain in alarming numbers

The data presented reflect the magnitude of the cyber challenge facing Spain: 97,348 recorded cybersecurity incidents, an increase in 16.6% compared to 2023, together with 183,851 vulnerable systems identified. Citizens represent the 67.6% of the victims with 65,808 incidents, while companies add up the 32.4% with 31,540 reported cases.

By sector, transport is leading with the 24.6% of the incidents, followed by the financial one (23.8%), ICTs (14.1%), energy (8.8%) and the water sector (5.0%). In addition, they registered 2,341 incidents classified as NIS 2, highlighting the urgent need to strengthen protection in critical infrastructures.

The Global Cybersecurity Market: Exponential Growth and Devastating Costs

The global cybersecurity market has become one of the most dynamic sectors in the global economy. Revenues are expected to reach 202.98 billion USD in 2025, with a projected annual growth of 7.58%, reaching the 277.91 billion USD in 2029.

The economic impact figures are just as impressive: the The global cost of cybercrime in 2025 is 9.22 trillion USD and it is estimated that it will reach 15.63 billion USD in 2029. The average cost of a data breach in 2024 was 4.88 million USD, having increased significantly in recent years, with average losses for US companies of $12.5 million annually.

The exponential increase in cyberattacks: global trends

The data presented in the forum reveals that The number of cyberattacks is 2.5 times higher compared to 2018. In 2023, they were registered nearly 17 million cyber incidents globally, a slight decrease compared to 2022 but a substantial increase since 2021, when 19.23 million were reached.

By type of attack, the Phishing dominated with almost 9 million registered cases in 2023, becoming the most frequently reported type of cyberattack. Las Personal data breaches ranked second with 1.66 million incidents, followed by 1.5 million cases of non-payment/non-delivery.

Spanish institutional framework: hierarchical and coordinated structure

Spain has developed a cybersecurity framework structured on four levels:

  • Level 3 - Political: National Security Council and National Security Act provide the highest strategic direction.
  • Level 2 - Strategic: Strategic Committee translates political guidelines into operational strategies.
  • Level 1 - Operational: National Cybersecurity Council coordinates activities between ministries, with the DSN Specialized Committee as a specific coordinating body
  • Level 0 - Technical: It includes specialized entities such as CCN-CERT, ESPD-CERTDEF, INCIBE-CERT and private CERTs, which provide technical capacity for response and prevention.

El Ministry of Digital Transformation and Public Service coordinates telecommunications and digital infrastructure, while INCIBE and NCC-ES they act as central nodes of the national cybersecurity network.

European regulatory framework: from NIS2 to DORA

The event comprehensively addressed the European legal framework, highlighting the implications of key regulations:

  • NIS2: Expands the scope and obligations of cybersecurity in the EU, applying to more sectors and establishing strict requirements for risk management, reporting and governance, in addition to requiring national cybersecurity strategies and improving cross-border cooperation.
  • CRA (Cyber Resilience Act): It focuses on the cybersecurity of digital products and IoT, establishing mandatory requirements for manufacturers, vulnerability reporting obligations and market surveillance with sanctions for non-compliant suppliers.
  • Cyber Solidarity Act: Strengthens the EU's response capacity to large scale incidents by creating a European Cyber Shield with cross-border Cyber Hubs, funding advanced threat detection systems and response coordination.
  • DORA: Ensures that financial institutions can withstand ICT-related disruptions, covering banks, insurers, investment firms and fintechs, with mandatory risk assessments and third-party monitoring.
  • GDPR: Reinforces the safe and responsible use of data as a central component of the European cyber strategy.

Europe as a market and regional cyber ecosystem

El European cybersecurity market to experience annual growth of 7.02%, going from 49.6 billion USD in 2025 to 65.17 billion USD in 2027. This growth positions Europe as a fundamental player in the global ecosystem.

The European ecosystem is characterized by being a key priority for the EU, integrated into the R&D framework programs and constituting a central issue on the agenda of the EU and Member States.

New Challenges: Key Factors of the Emerging Landscape

The forum identified six fundamental drivers that are redefining the cybersecurity landscape:

  • Multilateralism: International cooperation needed in the face of global threats
  • Frontera Technologies: AI, quantum computing and IoT as new vectors of risk and opportunity
  • Destabilization: Geopolitical conflicts that increase state attacks
  • Industrial Cybersecurity: Protection of critical infrastructures and OT systems
  • European New Deal: Strategic investment in European digital capabilities
  • Dual-use: Technologies with both civil and military applications

Institutional ecosystem: coordination and distribution of responsibilities

The European institutional structure operates as a coordinated and distributed ecosystem, where each organism performs specific functions:

  • ECCC (European Cybersecurity Competence Center): Define strategic priorities, investment and funding channels
  • ENISA: Provides technical support, promotes operational cooperation and leads regulatory harmonization
  • NCC-ES: Deploys programs at the national level and connects local actors with ECCC priorities
  • ECSO: It acts as a public-private bridge, connecting industry and the private sector with public institutions

🛡️ Consult with Apolo Cybersecurity and adapt your strategy to the most demanding European standards

Prev Post
Next Post

Any questions?
We're happy to help!

CONTACT US TODAY!
info@apolocybersecurity.com
Data Controller: Apolo Analytics SL
Purpose: To process your request and respond to your message.
Legal Basis: Consent of the interested party upon submitting the form.
Recipients: Data will not be transferred to third parties, except under legal obligation.
Rights: You may exercise your rights of access, rectification, and deletion, among others, by sending an email to secretaria@apolocybersecurity.Com.
Additionall information: You can view the full information on our Privacy Policy.

Thank you!

Your message has been successfully received.
Oops! Something went wrong when submitting the form.
We are waiting for you!
Schedule a call
Project photo
send us an email
Project photo
+34 937948378
Project photo
Carrer de Sant Joan de la Salle 42, Barcelona, spain
Project photo
FAQScontactTERMS AND CONDITIONSWork with Us
Accelerated by:
Certifications:
Light Eyes is part of Apolo Cybersecurity
LEGAL NOTICEPRIVACY POLICYCookies
Copyright © 2025 Apollo Cybersecurity