Bridging Spain’s Cybersecurity and AI Talent Shortage: Insights from Elisa Alises

Elisa Alises, UNIR Cybersecurity Director, analyzes Spain’s cyber threats, talent gaps, and AI risks. Discover how academia prepares defenders against ransomware, deepfakes, and infrastructure attacks

As Spain faces escalating cyber threats, from AI-powered deepfakes to infrastructure-targeting ransomware, academia must bridge the talent gap and evolve faster than attackers. 

Against this backdrop, we speak with Elisa Alises Núñez, Academic Director of the Cybersecurity Degree Program at Spain’s Universidad Internacional de La Rioja (UNIR). A computer engineer and Offensive Security Engineer (certified CEH Master, CSIO, CSCE), Alises merges frontline industry expertise with educational leadership.

She designs UNIR’s curriculum to transform students into agile defenders through hands-on labs, threat simulations, and European research collaborations. Here, she dissects Spain’s cyber vulnerabilities, regulatory progress, and how academia fuels a resilient national defense.

What are the main cybersecurity threats currently facing Spanish companies and public institutions?

Currently, the main cybersecurity threats facing companies and public institutions in Spain are closely related to social engineering — often referred to as “the art of deception.” This includes phishing attacks and other forms of digital fraud that aim to trick individuals into revealing credentials, accessing sensitive information, or performing harmful actions such as unauthorized transfers or installing malware.

In addition, many security breaches result from misconfigurations, the use of default or weak credentials, outdated systems with known vulnerabilities, or poor access and permission management.

We also cannot ignore malware attacks — particularly ransomware — which remain highly relevant and damaging, as they encrypt critical systems and demand payment for their release. Overall, these threats highlight the urgent need to combine technical safeguards with ongoing training and cybersecurity awareness across the population.

How is the Spanish government supporting the growth of the national cybersecurity sector through regulation or investment?

The Spanish government (as well as private companies) is increasingly investing in cybersecurity — both by strengthening infrastructure through the implementation of security measures and by hiring specialized services such as security audits and pentesting (ethical hacking) to proactively identify vulnerabilities.

On the regulatory side, new laws and updates are being developed to address emerging threats, including those related to AI-generated identity fraud or attacks on critical infrastructure.

Despite these advancements, the challenge remains significant: cybercriminals often evolve faster than detection, response capabilities, or even legislation. For this reason, continuous commitment, technological innovation, and professional training are more necessary than ever.

What role do Spanish startups play in driving innovation in cybersecurity tools and practices?

Spanish startups are playing a key role in cybersecurity innovation. In recent years, there has been a notable rise in new companies developing specialized solutions in areas such as early threat detection, vulnerability analysis, automated incident response, cyber intelligence, and protection against AI-driven threats.

These startups bring agility, creativity, and a forward-thinking technological approach that complements the work of larger cybersecurity firms. Moreover, many of them collaborate

with universities, research centers, and public organizations, fostering knowledge transfer and the development of solutions tailored to today’s market needs.

Thanks to a combination of young talent, disruptive approaches, and institutional support, Spain's cybersecurity ecosystem is growing steadily and positioning itself as a European leader in innovation.

Are there sectors in Spain (e.g., finance, healthcare, logistics) that are more vulnerable or more advanced in cybersecurity preparedness?

Yes, different sectors in Spain exhibit varying levels of vulnerability and cybersecurity maturity, depending on factors such as available resources, the critical nature of their services, and the complexity of their technological infrastructure.

For instance, many public sector institutions — such as local governments, healthcare, or education — often face budget constraints and lack specialized cybersecurity staff. This hampers the regular updating of devices and systems, and in some cases, legacy software must be maintained due to compatibility or dependency issues, significantly increasing risk.

Moreover, the sheer scale and complexity of systems — such as hospitals or decentralized administrative networks — enlarge the attack surface, making them harder to secure.

In contrast, sectors like finance or technology, which are more heavily regulated and better funded, tend to be more advanced in their cybersecurity preparedness. They often have modern infrastructures, stricter security policies, and dedicated cybersecurity teams. However, they are still prime targets due to the high value of the data they manage.

Ultimately, while cybersecurity maturity varies across sectors for different reasons, there is a general trend in Spain toward increased awareness and professionalization, driven by regulation and the growing frequency and sophistication of attacks.

What are the biggest challenges Spanish companies face when hiring or retaining cybersecurity professionals?

One of the biggest challenges for Spanish companies is the shortage of qualified cybersecurity professionals. Although interest in the sector is growing, demand continues to far outpace supply. Furthermore, cybersecurity comprises multiple specialties — such as malware analysis, incident response, digital forensics, ethical hacking, and cloud security — and there are specific areas where very few professionals are trained or in training.

This is compounded by the complexity of the field, which requires constant knowledge updates due to the rapid evolution of threats, technologies, and regulations.

Talent retention is another major issue. Cybersecurity is a dynamic sector with high turnover and strong international competition. Many professionals receive more attractive offers from abroad, both in terms of salary and career prospects, making it difficult to retain talent within the Spanish market.

Therefore, companies must not only offer competitive conditions, but also invest in continuous training, professional development, and environments that foster growth and purpose.

How is the adoption of AI and cloud technologies transforming cybersecurity practices in Spain?

The adoption of artificial intelligence (AI) and cloud technologies is profoundly transforming cybersecurity practices in Spain — both in terms of benefits and risks.

AI has become a key tool in cybersecurity, supporting a wide range of tasks: from real-time threat and anomaly detection, to automated vulnerability analysis, incident response, secure code development, and more precise technical reporting. Its ability to process large volumes of data and learn patterns is particularly valuable in time-critical environments.

However, AI also introduces new risks. Cybercriminals are using it to generate fake content, impersonate individuals (e.g., deepfakes), automate attacks, and identify vulnerabilities more efficiently — raising the overall sophistication of threats.

Cloud technologies bring clear advantages as well, such as scalability, cost savings, remote access, encrypted storage, and high availability. Yet they also introduce new risks, including configuration errors, external dependencies, data leaks, and unauthorized access — especially when proper security policies are not applied.

In summary, both AI and cloud services are powerful allies for advancing cybersecurity, but they also require continuous evolution in defensive strategies, tighter control over digital environments, and ongoing upskilling of cybersecurity teams.

To what extent does the UNIR cybersecurity degree prepare students for real-world positions in the private sector or public administration?

The Cybersecurity Bachelor's Degree at UNIR is an official, accredited program that provides structured academic training designed to prepare students for real-world challenges in both the private sector and public administration.

Throughout the program, students build essential foundations in areas such as networking, operating systems, cryptography, secure programming, incident management, and other key pillars of cybersecurity. In the later years, the curriculum dives deeper into specific domains — including ethical hacking, digital forensics, cyber intelligence, cloud security, reverse engineering, and others — helping students explore available career paths and specialize according to their interests.

A key strength of the program is its up-to-date content, aligned with industry needs and societal demands. Additionally, courses are taught by experienced professionals who are active in their respective fields, often combining teaching with hands-on work in cybersecurity.

As with most technical disciplines, this degree is just the beginning. After graduation, further specialization and professional certifications (such as CEH, OSCP, or CISSP) are recommended, depending on the student's chosen career path.

In short, UNIR’s cybersecurity degree offers a solid and current academic foundation on which students can build a strong and market-ready career.

What kind of practical experience (e.g., simulations, labs, hands-on training) do UNIR students receive to bridge theory and practice?

The UNIR Cybersecurity Degree places strong emphasis on bridging theory with practice through a variety of hands-on experiences. Each instructor tailors their course to align with real-world market needs and the specific roles students may pursue in that cybersecurity domain.

As a result, students regularly engage in virtual labs, simulations of attacks and defenses in controlled environments, digital forensic exercises, penetration testing (pentesting), secure system configurations, and other practical activities that closely mirror real-world scenarios.

Additionally, students work with professional tools and platforms that are commonly used in the industry, enhancing their technical readiness and helping them transition smoothly into roles in both private companies and public institutions.

How do UNIR students and faculty engage with the national or European cybersecurity ecosystem through research or collaborations?

At UNIR, both faculty and students actively engage with the national and European cybersecurity ecosystem through research initiatives and strategic partnerships.

Doctoral programs are available that promote advanced research in areas such as AI applied to security, privacy, cyber defense, and threat analysis. Many faculty members also participate in research projects — individually or as part of national and international consortia.

Moreover, UNIR collaborates with tech companies, cybersecurity firms, and public institutions on joint projects, proof-of-concept developments, knowledge transfer initiatives.

These collaborations enrich the academic content and create opportunities for students to get involved in real innovation environments, building connections with the professional ecosystem.