The importance of having robust cybersecurity systems in the face of the increase in crimes carried out with digital tools does not go unnoticed by Galician companies, especially those of larger size, which, although they are considering the implementation of improvements in this regard, on the 15th, … 49% experienced a cybersecurity incident in 2025.
This is shown by the data from the survey carried out by the Galician Institute of Statistics (IGE), in which the known as ““Phishing” is crowned as the main crime, affecting 10.19% of companies consulted the headquarters in Galicia. Type of cyberattack in which criminals impersonate entities such as banks, businesses, or impersonate an individual to illegally obtain sensitive information. A method of operation which has spread thanks to social networks and emails, allowing in particular web links to fake pages which simulate the authentic ones – such as the headquarters of a bank -, beyond traditional deception to obtain information such as identity documents, bank details or passwords.
However, the data varies considerably depending on the type and size of the company, being more frequent in those with 50 or more employees and, in particular, in the commerce and industry sectors. Actually 51.75% of companies dedicated to commerce with more than 50 employees have suffered cybersecurity breaches Throughout the year, while in industry the percentage rises to 49.11%, in construction it rises to 49.40% and in hospitality it drops to 30.56% of large companies.
On average, across all sectors, companies with more than 50 employees recorded cybersecurity incidents in 47.76% of cases, while in those with 10 to 49 employees, the percentage of people affected is reduced to 27.17% and in those with fewer than 10 employees, 13.52% suffered cyberattacks.
And even if large companies are the preferred targets, they are also those that are best prepared against cybercrime and those that devote the most resources to this problem: 22.28% say they have a high level of preparation and 66.54% adequate.
The same is not true for all Galician companies, since one in three (30.51%) admits to having weak and insufficient cybersecurity measures, equipment and knowledge. Additionally, 9.17% of companies do not have any cybersecurity measures in place, while 53.48% of the total say they have sufficient resources to combat this problem and 6.84% report having a high level of preparation against cyberattacks.
Main threats
In addition to phishing and identity theft, most common types of attacks that affect Galician businesses are computer virus infections, denial of service attacks – preventing access to web pages -, unauthorized access and installation of malware (malicious programs).
To counter these attacks, companies headquartered in Galicia opt for measures such as strong password authentication, backup copies, network access controls, the use of a VPN (which hides the user’s identification and location), two-phase authentication (for example requiring the use of an application) or data encryption.
About The Author
