The Recovery, Transformation and Resilience Plan (PRTR), also known as: Plan Spain Maysupervises the implementation of the EUR 72,000 million in direct grants that will be received until 2023 under the Next Generation EU European Fund.
This document lists 10 ‘leverage’ policies that cover the projects that will be included in each of them. Within number five, focusing on the modernization and digitization of the business ecosystem, promoting the cybersecurity of the Spanish productive fabric.
Next Generation EU Funds
As explained by Carmen Urraca, Director of European Funds at Banco Sabadell, in the webinar ‘Next Generation EU funds: boosting cybersecurity in SME’ hosted through Banco Sabadell’s HUB Empresa, “there is a significant cybersecurity gap between large companies and SMEs in need and the European Next Generation EU Fund is a unique opportunity to reduce this”.
“The Digital Kit program will be the key to narrowing the cybersecurity gap between large companies and SMEs”, Urraca, Banco Sabadell
In this sense, Urraca assures that the Digital Kit program will be essential to narrow this gap. The 3,000 million euros from the budget of this program will be used, among other things, to improve the digital administration of SMEs in the field of, for example, cybersecurity or storage and backup of your critical information.
One of the biggest problems, according to Lucía Arias, chief advisor public sector technician at Govertis Advisory Services, is that “more and more cyber-attacks are happening on SMEs because they are more vulnerable, as large companies invest more and more resources and empower themselves, so cybercriminals tend to focus on going for the ‘weakest’.
This expert adds that the average economic cost of a cyber-attack is around 35,000 euros, “which may mean the final shutdown for some companies, especially for micro-SMEs”.
In line with this, Xavier Serrano, Director of Technological Security at Banco Sabadell, assures that “it is very important that every SME, regardless of its size, carries out a self-diagnosis to the best of its ability and as soon as possible which digitized services it provides to third parties and what would happen if they stopped working for a few days if they were rendered useless by a cyber attack.
Awareness and preparation
As Fernando Mateus, CEO of Kymatio, clarifies, “No business or citizen is exempt from suffering a cyber attack.” In fact, this expert states that “most cyber attacks are carried out by robots and software They do not discriminate against anyone.”
Despite this, in the case of companies that “a cyber attack can completely paralyze their activities, only 20% of SMEs in Spain believe that they could be victims of a cyber attack.” For this reason, “it is critical to promote awareness socially so that the problem is not underestimated,” he adds.
In this sense, Mateus emphasizes that “the best defense against a cyber attack is to be prepared and that is done by making a good diagnosis in advance”.
For this, this expert considers it essential to know the organization and what critical points it has, in order to be able to think later about what threats can be executed with regard to the assets that the company has. “By going through these steps properly, solutions can be applied and a security master plan can be implemented, in other words actively working on security measures that are related to risk reduction.”
The Kymatio CEO also points out that currently about 90% of cybersecurity incidents require employee participation, so “SMEs need to increase the digital culture of their human capital”.
To achieve this, they need to take measures that improve the current situation, such as promoting a culture of safety for employees and in particular cybersecurity awareness content, as well as promoting the remaining use of protection anti malware†
Impulse from the state
An initial item of EUR 26,600 million has been included in the general state budgets for 2021, which corresponds to the Next Generation EU European Fund. In line with the axes of the Spain Digital Agenda 2025, they are considering the investment of €213 million for the development of cybersecurity in SMEs, which will be added to a further €1,097 million for the promotion of digital skills in these types of companies.
With regard to the implementation of the plans charged to European aid, the Ministry of Economic Affairs and Digital Transformation launched in February a call for expressions of interest (MDI) on strengthening the cybersecurity capabilities of SMEs and promoting your intended cybersecurity:
- Raising the awareness and cybersecurity capacity of SMEs
- Boosting the demand for cybersecurity services by SMEs, promoting their adoption of cybersecurity services
- Improving the resilience of SMEs to digital threats and risks
- Promote the dissemination and knowledge of cybersecurity technology