The Government approves a strengthening of Spain’s cybersecurity and cyberdefence capabilities with 1,157 million euros

06/05/2025
Image of Minister Óscar López in the press room
  • These measures complement the actions included in the National Cybersecurity Plan, approved in 2022, and are also part of the Industrial and Technological Plan for Security and Defense, announced by the President of the Government on April 24.
  • The extension of digital infrastructures, the evolution of the geopolitical context, the challenges presented by disruptive technologies such as artificial intelligence or quantum computing, make it necessary to adapt the National Cybersecurity Plan to the new trends in cybersecurity and cyberdefense
  • In 2024, more than 100,000 cyberattacks were detected in Spain and every three days there was one considered to be very serious. These measures will help to improve the protection of information, services and, in particular, critical infrastructures of all kinds.

The Council of Ministers today approved a set of actions in cybersecurity and cyberdefence that complement the measures included in the National Cybersecurity Plan, approved on March 29, 2022, and which will have an investment of 1,157 million euros.

“Spain is an example to follow in terms of cybersecurity, according to the 2024 report of the International Telecommunication Union, which places the commitment and measures implemented by our country above the average of the countries of the European Union, and we are the second country in the world with more cybersecurity centers, just behind the United States. But we are ambitious and we want to continue to improve our position. Our duty as a government is to take advantage of the digital revolution with the same care with which we protect ourselves from its challenges. With a triple objective: Protect the digital rights of citizens; guarantee the stability and cyber-resilience of our economy; and defend the sovereignty and democratic values of the State”, explained the Minister for Digital Transformation and Public Service, Óscar López, in the press conference following the Council of Ministers.

In 2024, more than 100,000 cyberattacks took place in Spain and every three days there was a cyberattack considered as very serious. Since 2015, cyber attacks have increased by 300%.

The extension of digital infrastructures, the evolution of the geopolitical context and the challenges presented by disruptive technologies such as artificial intelligence and quantum computing, -which allow cyber-attackers to sophisticate attacks in a more elaborate and personalized way- make it necessary to adapt the National Cybersecurity Plan to the new trends in this matter. The ultimate goal is to protect information and services, especially critical infrastructures.

The actions agreed today by the Council of Ministers are also part of the Industrial and Technological Plan for Security and Defence, presented by the President of the Government on 24 April.

Types of actions

The set of actions will improve the capabilities of cybersecurity and cyberdefense of wide spectrum, from prevention, detection and protection to response and recovery.

One of them is the promotion of the 5G Security Operations Center (5G SOC) which monitors, controls and supervises 5G cybersecurity regulations and regulations. This center supports the cybersecurity teams of operators, manufacturers, corporate users and administrations.

The cyber-resilience of cross-functional digital management services and platforms for automated auditing of public administrations’ Internet-exposed services will also be strengthened. The objective is to improve the resistance to attacks of the systems of all Public Administrations.

Advanced Artificial Intelligence techniques will also be integrated into systems for detecting cyberattacks and the coordination of the response of public and private Cybersecurity Operations Centers will be improved. The system of generating early alerts in the field of cyberdefense and cybersecurity will be strengthened, and collaborations with universities will be promoted for cybersecurity research, among other actions.

Various ministerial departments are involved in the design and development of these measures. 22% of the total budget will be executed by the Ministry for Digital Transformation and the Public Service, including the Secretary of State for Telecommunications and Digital Infrastructures, the State Agency for Digital Administration (AEAD), Red.es and the National Cybersecurity Institute (INCIBE).

The Department of Homeland Security (DSN), under the Ministry of the Presidency, Justice and Relations with the Courts, will make an investment of 1.2% of the total budget.

The Ministry of Defence, through the National Intelligence Centre - National Cryptologic Centre (CNI-CCN), the Information and Communications Systems and Technology Centre (CESTIC) and the Joint Cyberspace Command (MCCE), will execute 60.4 per cent of the budget.

Finally, the Ministry of the Interior will carry out actions for 16.34% of the total budget.

Press release (PDF · 199,36 KB)