Here’s the translation to American English:
—
The insurance sector has presented a comprehensive analysis of cyber risks in the educational field in Spain, covering a total of 2,700 schools and 216 higher education institutions. This study identifies the most common threats faced by these entities and provides guidelines to strengthen their resilience against cyber incidents.
The document, titled “Report 2025: Cybersecurity in the Education Sector,” examines the current situation of the sector, assessing the operational, legal, and reputational risks affecting educational centers in the country. Its aim is to equip institutions with the necessary knowledge to effectively address cyber risks.
One of the most significant figures indicates that the education sector is the most attacked globally, with a notable increase in attacks in Europe expected by 2025. In Spain, seven out of ten universities have reported incidents of cyberattacks in the past year. Additionally, there has been a serious exposure of credentials associated with school and university portals, complicating secure access if appropriate countermeasures are not implemented.
The economic impact of these cyberattacks is considerable, with the average cost per incident estimated at approximately €2.24 million. This amount includes ransom payments and recovery expenses, as well as fines imposed by the Spanish Data Protection Agency (AEPD) due to noncompliance with the General Data Protection Regulation (GDPR), resulting in a high financial risk.
Among the most highlighted risks are hacking, human errors, and social engineering techniques like phishing. The increasing threat of generative artificial intelligence has further complicated the situation, facilitating the creation of more sophisticated and harder-to-detect attacks.
To tackle these challenges, the report offers a protection pyramid and a program of priority measures. José Romero, CEO of the Insurance Sector, emphasized that “the question is no longer ‘if,’ but ‘when,’” highlighting the urgent need to protect sensitive data and ensure continuity in education.
The methodology of the analysis is based on a detailed review of the websites of educational institutions and the collection of data on attack trends and international compliance. With this approach, the report aims to be a valuable tool for educational leaders to prioritize their investments and strengthen their capacity to respond to cyber threats.
—
Let me know if you need any further assistance!
Referrer: MiMub in Spanish
