We live surrounded by headlines about artificial intelligence. The irruption of generative AI has transformed in just three years a technology reserved for highly specialized groups into a social phenomenon capable of influencing public conversation, politics and the daily decisions of millions of people.
In all this maelstrom, there is a risk that is going surprisingly unnoticed": "cybersecurity". A real "digital cholesterol" of our economy. It accumulates without apparent symptoms, acts silently and only shows its seriousness when it is too late.
CyberINsecurity does not make noise, does not interrupt processes or demand daily attention, but it accumulates in the form of bad practices, weak configurations, lack of digital culture, absence of procedures, non-updated systems, poorly managed identities or decisions that prioritize the urgent over the important. Until one day a digital heart attack appears: an attack that stops an essential service, exposes sensitive data or paralyzes an organization.
The most recent data from the National Cybersecurity Institute (INCIBE), corresponding to 2024, clearly show the scope of the problem: more than 97,000 incidents managed in Spain, with a significant growth in attacks targeting companies, which already represent approximately one third of the total. In Asturias, the increase in cybercrime is rising year on year, already accounting for one in four crimes committed in the region. And anyone who talks to companies easily comes to the conclusion that the real figure may be higher, because many incidents go unreported and unreported.
News about cybersecurity cases are increasingly striking: ransomware attacks paralyzing airlines, hospitals forced to suspend surgeries, entire logistics chains brought to a halt by malicious encryption of their systems, regional and local governments left without services for days. These episodes remind us that this is not just a technical issue, but also an economic, social and strategic one. Business continuity, reputation and competitiveness depend today on the ability to resist digital attacks, just as health depends on the ability to avoid a cardiovascular problem.
The good news is that Asturias is not starting from scratch. On the contrary, we have assets that many regions would envy. Firstly, a solid and competitive technological fabric at national level, made up of both consolidated ICT companies and startups that market cybersecurity solutions and are recognized nationally and internationally.
To this business fabric is added another strategic asset: a technology center of national and international reference based in Asturias, CTIC, with work carried out for prestigious bodies such as the European Union Cybersecurity Agency (ENISA). This center also develops projects in which it researches on critical technologies for the future of cybersecurity, such as self-sovereign digital identity, secure data exchange platforms, the application of artificial intelligence and quantum computing for cyber-attack detection, post-quantum cryptography or programmable cryptography techniques that allow processing encrypted data without compromising privacy. These technologies are already being integrated in demonstrators in the industry and energy sectors.
All this technological fabric is mainly articulated around the ICT Cluster of Asturias, whose Information Security Node brings together 29 companies and CTIC Technology Center. In addition, the close collaboration of the Cluster with the National Institute of Cybersecurity (INCIBE) is especially relevant.
On the other hand, both the Asturian Vocational Training and the University of Oviedo, through its specialized chairs, Masters and the micro-credentials recently developed in collaboration with the ICT Cluster, train the future professionals needed to meet the needs of regional companies, administration and society.
But there is a definitive step that still remains to be taken: democratizing cybersecurity. Just as happened with artificial intelligence, which for years was the domain of specialists until the irruption of generative AI made it an everyday topic, we need cyberINsecurity to also enter the conversation in homes, schools, companies and institutions of any size.
We observe positive signs in this direction, such as the fact that last week, for example, two relevant events coincided in Avilés: on the one hand, the presentation on November 14 by the Quality Club of a guide aimed at helping SMEs to measure their maturity in cybersecurity; on the other hand, that same day and the following one, the city hosted the ASTURCON-TECH 2025 congress, which brought together 400 attendees from all over Spain to discuss cybersecurity. These are signs that the topic is beginning to enter the economic and social agenda, but efforts must be multiplied.
Only when we talk about cyberINsecurity in companies, in the media, in education, in families and in decision-making bodies will we be able to build solid barriers. Only when we assume that every person, every organization and every institution is part of the system, will we be able to reduce this "digital cholesterol" that silently threatens our economic health.
In Asturias we have the mimbres: competitive companies, entities with the capacity to coordinate efforts, involved institutions and CTIC, a technological center of reference with extensive experience in projects in which cybersecurity is assumed "by design."
In Asturias we have the mimbres: competitive companies, entities with the capacity to coordinate efforts, involved institutions and CTIC, a technological center of reference with extensive experience in projects in which cybersecurity is assumed "by design". What we need now is to weave tighter: connect all these actors, create shared awareness and place cybersecurity at the center of public and business debate.
Because, in reality, we cannot afford to fall into the mistake of "putting the cart before the horse". We are driving digitalization, automation, artificial intelligence, data spaces and new digital services, but if we build all this without first reinforcing security, we will be building the house through the roof... and in the digital world, roofs in the air also fall fast.
As in health, prevention is always more effective and cheaper than emergency intervention. But beyond prevention, whoever best manages the threat of "cybersecurity" will also be more competitive, which makes it worthwhile to concentrate our efforts along these lines. In this way we can not only reduce risks, but also strengthen the resilience and competitiveness of our companies, ensuring a more secure and solid economic future for the region.
Asturias is in time to act. And we have the means to do so.
Article by Pablo Coca published on 27/11/2025 in the Tribune of the New Spain.