Spain (ES)

Spain implemented its National Cybersecurity Strategy in 2019, replaciing the first version published in 2013. Many of the measures in the action lines of the 2019 strategy are inter-related. 

It covers the following strategic goals of the ENISA self-assessment classification: Cybercrime, security and privacy balance, citizen awareness, critical information infrastructure protection, national cyber contingency plans, international cooperation, public-private partnership, incident response capability, institutionalised form of cooperation between public agencies, baseline security requirements, incident reporting mechanisms, R&D, cybersecurity exercises, incentives for private-sector investments, training and education programmes. 

In January 2021, the government published its Plan Nacional de Competencias Digitales (in Spanish) - National Digital Skills Plan, announcing joint investments within this frawework for the Digitisation of SMEs Plan 2021-2025 and the Digitisation of the Public Authorities Plan. The plan is a response to significant gaps in digital and cyber skills in Spain: 

  • 43% of the Spanish population lack basic digital skills.
  • The participation of women who are specialists in information technologies remains at a standstill.

Accordingly, the National Digital Skills Plan is aligned around four main lines of action: cross-cutting digital skills, the digital transformation of education, digital skills for employment and digital skills for professionals. The overarching goal is to make public reforms and investments to guarantee digital inclusion, reduce the digital gap between women and men, guarantee the digitisation of education, promote the acquisition of digital skills of the unemployed and workers, increase the number of ICT specialists and promote the necessary digital skills of companies. 




Cybersecurity Culture

Action Line 7 of the 2019 national cybersecurity strategy is aimed at contributing to goal IV, which revolves around a commitment to building a cybersecurity culture and and strengthening human and technological skills. The goals are wide-ranging and inter-related to other measures. 

  • Ensuring Spain has technical and human resources to guarantee the necessary technological autonomy and appropriate skills and training for the secure use of cyberspace,  making cybersecurity the key enabler for an entrepreneurial nation.
  • Improving collective cybersecurity, fostering a cybersecurity culture with the help of public and private organisations and the media, strengthening information mechanisms and offering help to citizens, promoting spaces for encounters between civil society, administrations and companies. 
  • Defining actions contributing to the secure and responsible use of information and communication technologies by promoting appropriate cybersecurity training for professionals based on job market demands, driving personal professional development and boosting specialised training and qualification, including skills to generate knowledge, develop R&D activities in cybersecurity and encourage the use of certified products and services. 
  • Paying special attention to protecting the technological patrimony, industrial and intellectual property. In this respect, it is important to promote technological sovereignty, making the most of digital transformation opportunities, encouraging the Spanish cybersecurity industry and boosting good practices in the development and implementation of information and communication systems. 


  • Extend and improve cyberthreat detection and analytical skills for detecting attack methods and origins, building up the necessary intelligence for more effective protection, attribution and defence. 
  • Strengthen the creation, dissemination and application of best practices and standards for cybersecurity. 
  • Ensure technical and operational coordination of organisations with cybersecurity responsibilities, companies and society. 
  • Promote participation from companies on sector-based platforms for information exchange and analysis, measuring sector-based risks and proposing actions to mitigate this alongside the legal requirements that regulate risks.


Cybersecurity for Citizens and Companies

Action Line 4 of the 2019 strategy focuses on boosting cybersecurity for citizens and companies with the following goals:

  • Offering citizens and the private sector an integrated public cybersecurity service of good quality and that is easy to access and encourage demand for cybersecurity business services. 
  • Boosting cybersecurity in SMEs, micro SMEs and among self-employed workers by articulating public policies on cybersecurity, especially for developing resilience. 

Action Line 7 on Cybersecurity Culture defines the following measures:

  • Increase awareness-raising campaigns for citizens and companies, providing them with useful information that is suitable for each profile, including the self-employed and small businesses. 
  • Strengthen actions towards joint responsibility for cybersecurity across society. 
  • Boosting plans and initiatives for digital literacy in cybersecurity. 
  • Promoting the spread of cybersecurity culture as a best practice and acknowledging business implications in improving collective cybersecurity as a corporate social responsibility. 
  • Raise awareness among executives to ensure they free up the necessary resources and promote cybersecurity projects within their organisations. 
  • Promote awareness-raising and training on cybersecurity in schools, adapted to all training levels and specialities. 
  • Seek and recognise media collaboration and participation, including citizen campaigns, especially among young people. 

National Initiatives

  • is4k - Internet Security for Kids is the Spanish initiative to encourage the safe use of the internet amongst children, including actions against cyber bulleying. The project received co-funding from the European Commission and sees the involvement of, which executives deploys plans of the Spanish Digital Agenda as part of the drive towards digital convergence with Europe, and INCIBE, which is the reference entity for the development of cybersecurity and digital trust for citizens, academia and research, professionals, companies and strategic sectors. The project's main aims on the INCIBE website are: 
    • Raise awareness and train minors, young people, families, educators and professionals through campaigns, initiatives and nationwide programmes. 
    • Offer a helpline service to advise and assist minors, families, educators and professionals in dealing with internet risks such as harmful content, contacts and inappropriate behaviour.  
    • Organise the Safe Internet Day in Spain.
    • Reduce the availability of criminal content on the internet. 
  • Women4Cyber Spain (W4C Spain) is the national initiative seeking to build a safer and more inclusive digital world. Its aim is to become a benchmark in promoting and making the role of women in cybersecurity visible in Spain, increasing gender diversity in the sector. 
Research, Development and Cyber Skills

Action Line 5 of the 2019 strategy aims to strengthen the Spanish cybersecurity industry and its capacity to nurture and retain talent and bolster digital autonomy. Goals include:

  • Boosting R&D support programmes in digital and cybersecurity in SMEs, businesses, universities and research centres, facilitating access to national and international incentive programmes and through innovative public purchasing programmes. 
  • Incentivising innovation, investment, internationalisation, technology transfer, expecially for SMEs and micro SMEs. 
  • Increasting national activities to develop cybersecurity products, services and systems, prioritising security-by-design approaches and national autonomy. 
  • Updating and developing competence frameworks in cybersecurity that meet the needs of the job market.
  • Identifying needs for professional skills in cybersecurity, promoting collaboration between educational and training institutions by boosting continuous training, employment training and university education and promoting professional credentials and certification systems. 
  • Including professional cybersecurity profiles in public-sector job descriptions. 
  • Detecting, encouraging and retaining talent in cybersecurity with special attention to the research field. 
  • Boosting specific R&D programmes in cybersecurity and cyber defence.

Another related goal is encouraging centres of excellence and research facilities to work together to tackle cyberthreats. 

Higher Education Courses on Cybersecurity
Public-private Partnership

Action Line 4 of the 2019 strategy (boosting cybersecurity for citizens and companies) has several goals aimed at improving public-private partnerships:

  • Stimulating cooperation between public and private players, including commitment from internet and digital service providers to improve cybersecurity. 
  • Boosting national regulation in this respect and implementing measures for the active cyber defence of citizens and SMEs. 
  • Promoting the establishment of a National Cybersecurity Forum that incorporates representatives from civil society, independent experts, the private sector, academia, associations, non-profit-making organisations, among others, to strengthen and set up public-private synergies that can help generate knowledge on security opportunities and threats in cyberspace. 

Public-private collaboration received a major boost through the Spanish National Digital Skills Plan published in January 2021, when the Spanish government annouced plans for an €11bn investment to boost digitisation of SMEs and public authorities and to strengthen digital skills.  

  • Defining plans within the framework of the Digital Spain Agenda 2025: the National Digital Skills Plan, the Digitalisation of SMEs Plan 2021-2025 and the Digitalisation of the Public Authorities Plan. The plans are part of the public-private collaboration with public investments acting as a lever to mobilise significant investments enabling the private sector to drive digitisation in coming years. 

Digitalisation of SMEs Plan 2021-2025

  • The Digitalisation of SMEs Plan 2021-2025: Budget of  €4.66 billion with a direct impact in the form of digitalisation subsidies of €4.46 billion. Five main lines of action have been defined: basic digitalisation for SMEs, support for managing change to promote business training for executives in digital skills, enhancing disruptive innovation and entrepreneurship, support for sector digitalisation, with special focus on industry, tourism and trade, and a line of action on coordination and efficiency. Targets: Reaching 1.5 million SMEs, half of all SMEs in Spain.

Digitalisation of Public Authorities Plan 2021-2025

  • The Digitalisation of the Public Authorities Plan: Ensuring that Spain can gain further drive the development of e-government to respond to citizens' needs in a faster and more effective fashion. Furthermore, digitalisation in this field is crucial because the public authorities act on a support basis and as a lever to the major transformations and needs of the country. This Plan provides for a raft of public reforms and investments with an allocation of €2.6 billion. Three main lines of action have been established with 17 measures. The first is the digital transformation of the public authorities, the second includes guiding policies on digitalisation affecting such areas as health and justice, and the third main line of action revolves around the digital transformation and modernisation of the Ministry of Territorial Policy, autonomous regions and local authorities.

IT/Cyber Clusters

EU Cyber Professional Register for national stakeholders

The European Cybersecurity Professional Register (CyPR) is all about boosting opportunities in the cybersecurity marketplace. 

This CyPR is the place where professionals, juniors or seniors, can promote their specific skill sets and experiences in cybersecurity, courses taken and qualifications.

Organisations of any size or sector from SMEs to large companies and public institutions can find and contact professionals with the right skills and experiences they need to improve their IT security posture.

Latest Update & Disclaimer

January 2021.

The information contained here is based on desk research carried out by, including the ENISA interactive maps on national strategies and educational courses. 


Cybersecurity Response Teams: GDPR and NIS Directive Compliance and Notification

National Computing Security Response Teams 

The 2019 strategy commits to strengthening and supporting developments in the Spanish CSIRT network. 

Spain has several national and regional computer emergency response teams (CERTs).

The National Centre for Critical Infrastructure Protection (CNPIC) acts as the national competent authority for network and information security in Spain (NIS).

CERTSI is the national accredited CSIRT for security and industry. This accredited CSIRT is in charge of coordinating response measures across Spanish networks (Spanish:; English:

CCN-CERT is the national alert and reporting system for Public administration, company and organisation of strategic interest, such as those essential for Spanish security and economy (Spanish:; English:

CSUC-CSIRT is one of the computer emergency response teams for the University of Catalanya (Catalan:; English:

EsCERT  is the second computer emergency response team for the regional academic network (Catalan:; Spanish:; English:

RedIRIS is the third computer emergency response team for the Academia and Research network (English:

CSIRT-CV is the security centre of the Valencian community (Spanish:


  • Collaborative tool: REYES ('Kings' in Spanish) is a collaborative tool to exchange information about cyber threats. Access will be granted upon request to those organisations that are users of the Early Alert System of the Spanish CERT. It is based on MISP (Malware Information Sharing Platform) technology. There is also coordination with similar systems in other countries.
  • CCN-CERT Analysis tool: MARTA is the name of an advanced sandboxing platform devoted to the automated analysis of files which may have a malicious behaviour. It can be used by those organizations being part of the Early Alert System of the Spanish CERT. This tool analyses several kinds of files (.doc and .pdf among others).
  • CCN-CERT Analysis tool MARIA is a detection tool developed for static analysis of harming code by means of multiple antivirus and antimalware engines for Windows and Linux platforms.
  • CCN-CERT Analysis tool: LUCIA is a tool developed aiming at the management of cyber incidents at the entities for which the national security schema is applied. This tool pursues to improve the communication between the governmental CERT and the organisms and organisations it collaborates with.

Participation of EMPACT projects in coordination with EUROPOL. Operative actions fostering the collaboration with the private sector and awarenss raising.

Participation in CyberEurope, the pan-European cyber exercise organised by ENISA.

Participation in CyberEx, international cybersecurity exercise in cooperation with the Organisation of American States.

Participation in the European Cyber Security Challenge, organised by the European Commission and ENISA, with INCIBE and other 9 members in the Organisation Committee. Spain ranked first in the competition.

Report a cyber incident to national CERT/CSIRT

CERTSI - The Incident Response service is aimed at:

  • Citizens and businesses: through the OSI ( and telephone 901 111 121) and the e-mail
  • Staff from academic and research network (Red IRIS): through the e-mail Mailbox of RedIris
  • Strategic and Critical Infrastructure Operators: through the e-mail inbox PIC CERTSI






Languages Spanish; English
Latest Update & Disclaimer

January 2021.

The information contained here is the result of desk research carried out by 


Contact us for more info


Spain (ES) | Cyber Range & Capacity Building in Cybersecurity


The website encountered an unexpected error. Please try again later.