In today’s corporate cybersecurity landscape, companies must realize that it is not a question of if, but when. According to the Hiscox 2024 Cyber ​​Preparedness Report, 96% of Spanish companies have been the target of cyber attacks in the last 12 months, either successfully or in failed attempts.

The study reveals that two-thirds of Spanish organizations (66%) have experienced an increase in the frequency of cyberattacks, while only 12% have observed a decrease. This increase in attacks has intensified the consequences for businesses, especially with the rise in ransomware attacks. In addition, they compromise the most valuable assets of companies, such as data, and their operational continuity, generating costs that can sometimes be in the millions.

“The fact that almost all Spanish companies have been the target of cyber attacks, regardless of whether they were successful or not, shows us that the problem of cyber threat is not a mere trend, but a true reality for the entire fabric. Spanish business. For this reason and taking into account that the economic consequences can be very significant for the viability of businesses, it is more important today than ever to redouble efforts in terms of prevention and training of all employees,” says Nerea de la Fuente, Underwriting Director at Hiscox Iberia.

Corporate cyber attacks

One of the main consequences of cyberattacks, for the second year in a row, is financial loss due to payment diversion fraud. This type of fraud involves the diversion of funds through the fraudulent use of email. In the last 12 months, more than half (55%) of companies reported having suffered this type of loss, compared to 38% the previous year.

Additionally, the report highlights a significant increase in the incidence of ransomware attacks, in which systems or computers are locked and a ransom payment is demanded to release them. 38% of Spanish companies have been victims of ransomware in the last 12 months, compared to 23% the previous year. This trend is also observed in other types of cyber attacks.

For example, distributed denial of service (DDoS) attacks have affected 51% of organizations in the last year, compared to 23% the previous year. The misuse of computer resources has been reported by 53% of companies, compared to 23% the previous year. Non-ransomware virus outbreaks have affected 46% of companies, compared to 23% last year.

Meanwhile, encrypted data loss, where data is not exposed, has increased to 33%, 20 percentage points more than in 2022. Unencrypted data loss, where data may have been exposed, has affected 35% of companies, compared to 14% the previous year.

The adoption of cyber insurance

In response to these growing threats, 52% of Spanish companies have adopted cyber insurance as a key protection measure. This adoption has grown significantly in the last 12 months. The previous year, only 30% of companies had cyber insurance and 14% planned to acquire one. This year, more than half of companies already have the protection of independent cyber insurance, reflecting the growing importance of these policies in organizations’ cybersecurity strategy.