Cybersecurity has become table stakes for Spanish business
A medida que las empresas españolas trasladan su vida económica al mundo digital, los delincuentes han aprendido a explotar esa transición con una precisión inquietante. BBVA Allianz ha respondido ampliando su seguro de ciberriesgos para pymes, autónomos y startups, incorporando cobertura frente al fraude de identidad y la ingeniería social sin coste adicional. El gesto refleja algo más profundo que una actualización de producto: reconoce que la amenaza digital ha dejado de ser un riesgo periférico para convertirse en el principal riesgo empresarial del mundo, por quinto año consecutivo.
- España registró 122.223 incidentes de ciberseguridad en 2025, un 26% más que el año anterior, con el phishing como vector más frecuente para robar credenciales y propagar malware.
- Los ciberriesgos encabezan el Barómetro de Riesgos de Allianz para 2026, superando en diez puntos porcentuales a la inteligencia artificial y dejando atrás preocupaciones que hace una década parecían más urgentes.
- BBVA Allianz amplía su cobertura para incluir pérdidas derivadas de phishing, smishing y vishing —ataques en los que los empleados son engañados para transferir dinero a cuentas fraudulentas— sin incrementar el precio para pymes y startups.
- La aseguradora ha simplificado el cuestionario de contratación y garantiza acceso ilimitado a servicios de prevención y asistencia de emergencia, apostando por una protección continua en lugar de puntual.
- El sector financiero envía una señal clara: el ciberseguro ha dejado de ser un complemento opcional y se ha convertido en una necesidad operativa para cualquier empresa que opere en el entorno digital actual.
Las empresas españolas nunca habían estado tan expuestas al fraude digital, y el sector asegurador empieza a estar a la altura. BBVA Allianz ha renovado su producto de ciberseguro dirigido específicamente a pequeñas y medianas empresas, autónomos y startups, incorporando una nueva capa de protección frente a los esquemas de fraude de identidad basados en ingeniería social. Cuando los delincuentes suplantan a contactos de confianza para engañar a empleados y lograr transferencias a cuentas fraudulentas —ya sea mediante correos de phishing, SMS fraudulentos o llamadas de voz manipuladoras— la nueva cobertura absorbe las pérdidas económicas. Y lo hace sin coste adicional para el cliente, una decisión que habla de cómo la aseguradora valora esta protección: no como un extra, sino como algo esencial.
Las cifras justifican la urgencia. El Instituto Nacional de Ciberseguridad contabilizó 122.223 incidentes en empresas españolas durante 2025, un 26% más que el ejercicio anterior. Solo el phishing sumó más de 25.000 casos. A medida que los negocios han digitalizado sus operaciones, han multiplicado también sus puntos de entrada para los atacantes.
Lo que resulta revelador es la velocidad con que los ciberriesgos han escalado en la lista de preocupaciones empresariales. Hace una década ocupaban el octavo puesto; hoy lideran el Barómetro de Riesgos de Allianz para 2026 por quinto año consecutivo, aventajando en diez puntos porcentuales a la inteligencia artificial.
Junto a la ampliación de coberturas, BBVA Allianz ha reducido el cuestionario inicial de contratación y garantiza acceso ilimitado a servicios de prevención y asistencia de emergencia. La lógica es clara: la protección digital no es una compra puntual, sino un proceso continuo. Para el pequeño empresario que ya gestiona demasiados frentes a la vez, esa simplificación puede ser tan valiosa como la propia póliza. El mensaje de fondo, sin embargo, es inequívoco: en la España digital de hoy, el ciberseguro ha dejado de ser un lujo para convertirse en la apuesta mínima.
Spanish businesses are getting hit harder than ever by digital fraud, and the insurance industry is finally catching up. BBVA Allianz has just released an overhauled version of its cyber insurance product designed specifically for small and medium-sized companies, freelancers, and startups—a move that signals how seriously the financial sector now takes the threat landscape that has quietly become the top business risk in the world.
The centerpiece of the update is a new layer of protection against identity fraud schemes that work through social engineering. When criminals pose as trusted contacts and trick employees into wiring money to fraudulent accounts—whether through phishing emails, text message scams known as smishing, or voice-based deception called vishing—the new coverage kicks in to cover the financial losses. Notably, BBVA Allianz is adding this protection without charging customers extra, a signal that they view it as essential rather than optional.
The numbers explain the urgency. Spain's National Cybersecurity Institute recorded 122,223 security incidents across businesses in 2025, a jump of 26 percent from the year before. Phishing alone accounted for more than 25,000 of those incidents, making it the most common vector for stealing login credentials and spreading malware. As companies have moved their operations online and expanded their digital footprint, they've essentially opened new doors that criminals have learned to kick through.
What's striking is how quickly cybersecurity has climbed the ladder of business concerns. A decade ago, digital threats ranked eighth on the list of what executives worried about most. Today, according to the Allianz Risk Barometer for 2026, they sit at the top—and they've held that position for five years running. They now outpace concerns about artificial intelligence by ten percentage points, a gap that underscores how real and immediate the threat feels compared to emerging technologies that still feel somewhat abstract.
BBVA Allianz has also streamlined the process of actually buying the insurance. They've cut down the initial questionnaire that customers have to fill out, removing friction from a process that was already cumbersome. At the same time, they're guaranteeing unlimited access to prevention services and emergency assistance—the idea being that protection isn't something you buy once and forget about, but something you need to maintain continuously as threats evolve.
The product itself offers annual capital limits that vary depending on which version a company chooses, with coverage that extends worldwide but operates under Spanish jurisdiction. For small business owners juggling a dozen different operational headaches, the simplified contracting process might matter as much as the coverage itself. But the real story here is that cyber insurance has stopped being a luxury add-on and become table stakes. If you're running a business in Spain today, the question isn't whether you need this kind of protection—it's whether you can afford not to have it.
Citações Notáveis
Cybersecurity incidents have held the top position as the primary global business risk for five consecutive years, now surpassing artificial intelligence concerns by 10 percentage points— Allianz Risk Barometer 2026
A Conversa do Hearth Outra perspectiva sobre a história
Why did BBVA Allianz decide to add this identity fraud coverage without charging extra? That seems like leaving money on the table.
They're not leaving money on the table—they're recognizing that this is now the baseline expectation. If they charged extra for protection against the most common attack vector, they'd lose customers to competitors. It's become table stakes.
But the numbers show phishing is still growing. Doesn't that suggest the problem is getting worse, not better?
Absolutely worse. More incidents detected means more awareness, but also more attacks. The insurance product is a response to a threat that's accelerating, not slowing down. They're trying to make protection accessible before companies get hit.
You mentioned the simplified contracting process. How much does that actually matter compared to the coverage itself?
For a small business owner already stretched thin, it matters enormously. If buying cyber insurance takes three hours of paperwork, they won't do it. If it takes thirty minutes, they might. The coverage is useless if nobody buys it.
The report says cybersecurity has been the top risk for five years. Why did it take until now for insurance companies to respond this aggressively?
They were responding all along, but the market was fragmented and expensive. Now the threat is so widespread and the incidents so costly that they can afford to simplify and bundle. It's a volume play—more customers buying basic protection beats fewer customers buying premium packages.
What happens to a company that gets hit by one of these social engineering attacks but doesn't have this coverage?
They eat the loss themselves. If someone tricks an employee into wiring fifty thousand euros to a fraudster, that money is gone. The bank might help recover it, but there's no guarantee. That's why the insurance exists now—because the alternative is catastrophic for small businesses.