Spain presents a paradox in the field of cybersecurity: it is the European country with the lowest percentage of cyber incidents, but also one of the most lagging in preparedness and cyber resilience. This is revealed by the study Operational Resilience in 2026 by ManageEngine, a division of Zoho Corporation, which analyzes five European countries. While the average incident rate on the continent reaches 66%, only 47% of organizations in Spain reported having suffered an attack in the last year. However, this figure should not be interpreted as a sign of strength, but rather as a possible lack of detection or reporting.

Cyber Resilience Methodologies: A Pending Subject

The study highlights that only 35% of Spanish companies have a formal methodology to measure and improve their cyber resilience, well below the European average of 56%. This implies that nearly seven out of ten organizations lack a structured framework to face incidents. Andrés Mendoza, Technical Director for Southern Europe and Latin America at ManageEngine, points out that “there is no such thing as ‘I never had an incident,’ because the incident is surely already there. What I need to know is whether I have the tools to detect, mitigate, and correct it.”

Furthermore, 49% of Spanish companies only make point improvements after an incident, instead of applying long-term strategic changes. Only 30% adopt a broad and continuous approach. This lack of strategic vision is also reflected in the fact that 25% of organizations have no defined time objectives for detecting and responding to critical incidents, and 17% lack a backup strategy for disaster recovery, the highest percentage among the countries analyzed.

The Human Factor and Technological Dependence

Mendoza emphasizes that the growing dependence on digital infrastructures, hybrid environments, and cloud services requires integrating resilience into the business strategy. Spanish organizations anticipate that AI-driven attacks will be the greatest risk in the next 12 months, and they prioritize threat monitoring and detection as their main investment. However, the human factor remains an Achilles' heel. Mendoza recounts a real case: “In a ransomware simulation, everything was documented and tools were available, but they did not consider that the person in charge of a manual action lived in another city and was unavailable. On paper, everything was perfect, but in practice, it failed.”

To avoid these failures, it is crucial that all departments participate in strategy design: compliance, legal, IT, cybersecurity, human resources, and senior management. “Cohesion and communication among all areas is key,” says Mendoza. In this sense, sustainability as a business lever can also be integrated into operational resilience, as can data integration for AI agents.

Distribution Model and Technological Alliances

ManageEngine has operated in Spain for twenty years through a single distributor, ALSO, which also covers Portugal. This model contrasts with other countries like France, where they work with multiple partners. Mendoza explains: “Our goal is not to find hundreds of partners, but technological allies with experience to implement tools and accompany the client. That advisory service is what we seek.” This philosophy of close collaboration is similar to that promoted in ethical hacking and penetration testing, where trust and specialization are fundamental.

The Spanish paradox demands deep reflection. It is not enough to have low incident rates if preparedness is deficient. Cyber resilience is not a destination but a continuous process that requires investment in methodologies, technology, and above all, people. As Mendoza points out, “we design software and processes, but we do not think about people.” For IT companies, this study is a call to action: integrate resilience into the organizational DNA, as proposed in the article on AI agents and operational maturity or in the success story of S2GRUPO, where cybersecurity and talent are growth drivers.

Original source: ComputerWorld. Analysis and adaptation by ForgeNEX.