Spanish Companies Face External Risk Vulnerabilities

Over the past year, 85% of Spanish companies have increased investments in cybersecurity resilience. However, 50% recognize that their strategies are too focused on protecting their own perimeters, failing to adequately cover risks coming from third-party suppliers and emerging technologies like artificial intelligence and quantum computing. This vulnerability is exacerbated by geopolitical instability, as highlighted by Pablo Vera from Zscaler, who emphasizes that true resilience should extend outward to encompass partners and supply chains that can absorb external impacts before destabilizing operations.

Currently, only a minority of companies have revised their resilience strategies to address third-party dependence and supply chain instability. A concerning 72% of companies still rely on obsolete systems like firewalls and VPNs, with 56% stating that their existing IT architecture hampers their ability to respond to breaches, failures, and interruptions. Furthermore, 51% are testing or implementing agent-based AI without solid governance frameworks, while 61% lack visibility on 'shadow AI' practices. Despite awareness of future risks, 49% have yet to incorporate post-quantum cryptography into their strategies.