Digitalization has brought with it numerous benefits for companies, but it has also introduced a new challenge: cybersecurity. Today, many companies face threats such as data theft, infrastructure cyberattacks, and identity theft. These issues can affect business continuity and customer trust.
According to INCIBE’s Cybersecurity Balance for 2023, security incidents have increased by 24% compared to 2022, with a total of 83,517 episodes managed. Of these, more than 58,000 affected citizens and more than 22,000 affected private companies. Furthermore, the Crime Balance of the Ministry of the Interior shows that cybercrime in Spain continues to increase, with 237,640 criminal offenses registered between January and June 2024, which represents 19.4% of total national crime and an increase of 9.2% compared to 2023.
In this context, the cybersecurity job market is booming and needs specialized profiles. However, companies are having difficulty filling these positions. InfoJobs, through its Job Market Insights (JMI) tool, has analyzed the behavior of positions related to cybersecurity.
The data indicates that between January and October 2024, job offers for cybersecurity analysts have grown by 48% compared to the same period of the previous year. There is also a high demand for cybersecurity engineers, technicians and specialists, as well as emerging profiles such as cybersecurity consultants and teachers, which have seen a significant increase compared to 2023.
International Information Security Day
On the occasion of International Information Security Day, which is celebrated on November 30, InfoJobs has analyzed the relationship between cybersecurity and business in its II Report on Cybersecurity. This report examines key aspects such as concern about cybersecurity, the measures implemented and training in digital security in the Spanish business fabric.
2 out of 3 companies still do not train their employees in cybersecurity
Mónica Pérez, director of Communication and Studies at InfoJobs, highlights the importance of cybersecurity in companies’ digital strategy. «Crime has evolved in the digital environment, and it is essential that companies adopt preventive measures and promote a culture of safety among their employees and customers. It is crucial to address the use of advanced protection technologies, effective risk management, specialization of professional profiles and an organizational awareness that prioritizes protection at all levels,” says Pérez.
Cybersecurity Training
Despite the importance of cybersecurity, 2 out of 3 companies (66%) have not provided training or information on the subject in the last year. Of these, 51% have not done so and 15% plan to do so in the next six months. 34% of companies have provided training or information, with 14% offering training, 13% information and 7% both.
Large companies lead in this regard, with 73% having implemented cybersecurity training or information, compared to 22% of microbusinesses. Additionally, companies that have suffered attacks in the last year are more likely to implement cybersecurity training (41%) than those that have not been attacked (26%). This suggests that the experience of an attack drives investment in training to mitigate future risks.
Concern about Cybersecurity
This year’s survey shows that cybersecurity remains a high concern for more than 2 in 5 companies (43%), although this percentage has decreased slightly since 2021, when it was 48%. Medium concern has increased from 31% in 2021 to 33% in 2024, and low concern has increased from 21% to 24%.
The companies most concerned about cybersecurity tend to be in the quaternary sector, which is the most technological and digital, and are mainly medium and large companies. Previous experience with cyberattacks also increases concern and the implementation of preventive measures, including training. On the other hand, microbusinesses are the least concerned and have suffered the least from cyberattacks, which translates into fewer preventive measures and cybersecurity training.
The threat of advanced viruses is the main concern in cybersecurity, with 67% of companies considering it as such, compared to 62% in 2021. This is followed by banking Trojans and thefts (65% compared to 54% in 2021) and protection of networks against intrusion attempts or data theft (60% compared to 62% in 2021).
Employee responsibility in handling confidential documents has decreased as a concern, from 55% in 2021 to 51% in 2024. Although artificial intelligence is considered useful in cybersecurity by 60% of companies, 18% express concern due to its possible relationship with cyber attacks.
For companies with more than 250 employees, workers’ responsibility in handling confidential data is the second most important concern, after the threat of advanced viruses. In micro and small businesses, the threat of viruses and banking Trojans or theft are the main concerns.