{"id":16345,"date":"2025-05-20T11:28:10","date_gmt":"2025-05-20T09:28:10","guid":{"rendered":"https:\/\/certuslegalfirm.com\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/"},"modified":"2025-05-20T11:28:10","modified_gmt":"2025-05-20T09:28:10","slug":"comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025","status":"publish","type":"post","link":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/","title":{"rendered":"Comprehensive guide to cybersecurity crisis management: doubts and lessons from the great Spanish blackout of 2025"},"content":{"rendered":"<p>On April 28, 2025, the Spanish power grid stopped working for more than four hours, at best. The incident affected 59\u202fmillion people throughout Spain, Portugal and parts of southern France. It caused losses of close to 1.6\u202fbillion euros, reminding us that resilience to a cyberattack is no longer an exclusive matter of the IT department, but an imperative that runs through the entire organisation. Although the experts attributed the fall to a problem of coordination between generation and distribution, public opinion immediately assumed that it was a digital aggression. This leap &#8211; from &quot;technical error&quot; to &quot;deliberate attack&quot;\u2014 shows two indisputable realities: <\/p>\n<ol>\n<li><strong>Any disruption to critical infrastructure is perceived today as a cybersecurity crisis.<\/strong><\/li>\n<li><strong>The distance between internal detection and media exposure is measured in minutes<\/strong>; the first version that reaches the public usually becomes the dominant narrative.<\/li>\n<\/ol>\n<p>To navigate this environment, businesses need a plan that combines technology, law, reputation, and finance. This guide, designed for readers familiar with frameworks such as NIST\u202fCSF, ISO\u202f27035 and ISO 22301, compiles the best practices and metrics essential to face a high-impact cyberattack successfully. <\/p>\n<h2><strong>Anatomy of a cybersecurity crisis<\/strong><\/h2>\n<p>A crisis is declared when an incident exceeds day-to-day procedures and threatens <strong>business continuity<\/strong>. The ISO\/IEC\u202f27035\u20112:2023 standard recommends activating a <em>Cyber Crisis Committee<\/em>: a command team that isolates affected systems, prioritizes critical assets defined in the <em>Business Impact Analysis<\/em> and authorizes external communications. To decide judiciously, the committee monitors, among other indicators, the <strong>recovery target time (RTO)<\/strong> &#8211; tolerable hours of inactivity &#8211; and the <strong>recovery target point (RPO)<\/strong> &#8211; data that can be lost without irreversible damage &#8211; in addition to legal and reputational risk. <\/p>\n<p>When sensitive personal data, interruption of an essential service and suspicion of intentional &quot;aggression&quot; converge, news coverage skyrockets. In 2024, for example, a European rail operator took 48\u202fhours to clarify that a breach affected its signalling system; that silence fuelled rumours of sabotage and led to a stock market crash of\u202f11%, far exceeding the real cost of the incident. <strong>Anticipating media pressure and preparing truthful messages is as crucial as containing the technical threat.<\/strong><\/p>\n<h2><strong>Strategic readiness: shielding before cyber attack<\/strong><\/h2>\n<p>Appoint a <strong>Chief Information Security Officer (CISO)<\/strong> with cross-cutting authority, along with a <strong>Data Protection Officer (DPO)<\/strong> involved throughout the information lifecycle. Both should report directly to the executive committee to avoid bottlenecks. <\/p>\n<p>Twice a year scenarios are recreated &#8211; double extortion ransomware, massive cloud filtration, internal failure &#8211; to measure detection, containment and recovery times. These exercises uncover both technical gaps and departmental friction. <\/p>\n<p><strong>Service Level Agreements (SLAs)<\/strong> should set a maximum RTO of four hours and the obligation to report serious incidents in less than two. The cyber insurance policy, on the other hand, must cover forensic expenses, sanctions of the General Data Protection Regulation (GDPR) and, if appropriate, ransoms, reviewing sub-limits and grace periods. <\/p>\n<h3><strong>Detection and analysis: from alert to attribution<\/strong><\/h3>\n<p>The first 24\u202fhours decide the fate of the crisis. <strong>Validating the alert<\/strong> involves contrasting it with the records of the <strong>SIEM<\/strong> (Security Information and Event Management) platform, the <strong>EDR<\/strong> (Endpoint Detection and Response) telemetry and the analysis of network flows. Once the intrusion is confirmed, <strong>the damage is sized<\/strong> &#8211; compromised surface, leaked data and potential cost using the FAIR (Factor Analysis of Information Risk) model \u2014 and the attack is <strong>preliminarily attributed<\/strong> (cybercrime, hacktivism or nation-state) to anticipate the next move. <\/p>\n<p>If the incident affects essential services or involves sensitive data, the committee immediately notifies the authorities and activates escalation protocols. At the same time, the legal team preserves evidence and controls the deadlines required by the GDPR and the European Directive NIS2. <\/p>\n<h3><strong>Containment and eradication: stopping bleeding<\/strong><\/h3>\n<p>Containing a breach requires balancing speed with preserving forensic integrity. The network is segmented, compromised credentials are revoked and critical patches are applied, while analysts capture forensic images and calculate <em>hashes<\/em> that prove the authenticity of the evidence. <strong>Documenting each step<\/strong> is the best defense against accusations of negligence. <\/p>\n<h3><strong>Recovery: safe return to normal<\/strong><\/h3>\n<p>Before reactivating the systems, the technical teams perform <strong>targeted penetration tests<\/strong>, scan residual indicators and verify the integrity of the backups. The legal department confirms that the notifications were sent to the Spanish Data Protection Agency in \u2264\u202f72\u202fhours (GDPR) and that the preliminary notice of NIS2 was sent in \u2264\u202f24\u202fhours. <\/p>\n<p>With the systems validated, a <strong>brief and contrasted statement<\/strong> is published that explains what happened, what measures have been taken and how those affected will be assisted. A final report &#8211; root cause, costs and improvement plan &#8211; is presented to the board, the insurers and, where appropriate, the regulator. <\/p>\n<h2><strong>Communication in the midst of crisis<\/strong><\/h2>\n<p>Industry studies indicate that a poor narrative can reduce market capitalization by up to 7% in just two weeks. To avoid this, the strategy rests on four pillars: <\/p>\n<ol>\n<li><strong>Controlled speed<\/strong>: issue a preliminary message in less than two hours.<\/li>\n<li><strong>Consistency<\/strong>: aligning public information with forensic findings.<\/li>\n<li><strong>Empathy<\/strong>: recognizing the impact on customers and partners.<\/li>\n<li><strong>Gradual transparency<\/strong>: updating data as it is confirmed.<\/li>\n<\/ol>\n<p>Repsol applied this formula in 2024: it disseminated a note 90\u202fminutes after the incident, stopped rumors and maintained its price, demonstrating that timely information mitigates reputational damage. <\/p>\n<h3><strong>Essential regulatory framework<\/strong><\/h3>\n<ul>\n<li><strong>GDPR<\/strong>: notification to the Spanish Data Protection Agency in \u2264\u202f72\u202fhours and, if there is a high risk, communication to those affected.<\/li>\n<li><strong>NIS2 directive<\/strong>: preliminary notice in \u2264\u202f24\u202fhours; complete report in \u2264\u202f72\u202fhours.<\/li>\n<li><strong>Law\u202fPIC (8\/2011)<\/strong>: immediate coordination with the National Center for the Protection of Infrastructures and Cybersecurity (CNPIC).<\/li>\n<li><strong>Law\u202f43\/2010<\/strong>: specific obligations for trust service providers.<br \/>\nIn addition, contractual clauses &#8211; especially in the financial sector, supervised by the European Banking Authority (EBA)\u2014 can impose even stricter deadlines.<\/li>\n<\/ul>\n<h2><strong>Cyber insurance: your financial safety net<\/strong><\/h2>\n<p>Current policies cover own damages &#8211; loss of earnings, research and restoration expenses &#8211; and third-party claims, including administrative fines where permitted by law. Review sublimits for ransomware, \u201ccyber warfare\u201d exclusions, and the inclusion of <em>breach coach<\/em> and crisis communication services. A Spanish SME that invoices 20\u202fmillion euros will pay between \u20ac5,000 and \u20ac9,000; the figure can be reduced by up to 30% with ISO\u202f27001 certification and annual <em>pentesting<\/em>. <\/p>\n<p>The <strong>cybersecurity crisis<\/strong> has ceased to be a marginal risk: today it determines the financial health and reputation of any organization. Only companies that combine <strong>rigorous preparedness, coordinated response, and continuous learning<\/strong> transform an incident into an opportunity to bolster the trust of customers, regulators, and investors.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On April 28, 2025, the Spanish power grid stopped working [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":16342,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[225,64,63],"tags":[260,259,227,263,262,261],"class_list":["post-16345","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-new-technologies","category-legal","category-startups","tag-crisis-management","tag-cybercrime","tag-cybersecurity","tag-cybersecurity-crisis","tag-legal-counselling","tag-online-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Comprehensive cybersecurity crisis management guide<\/title>\n<meta name=\"description\" content=\"To manage a cybersecurity crisis, companies need a plan that combines technology, law, reputation and finance.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Comprehensive cybersecurity crisis management guide\" \/>\n<meta property=\"og:description\" content=\"To manage a cybersecurity crisis, companies need a plan that combines technology, law, reputation and finance.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"Certus Legal Firm\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-20T09:28:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2025\/05\/crisis-ciberseguridad-certus.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"850\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Alejandro Morales\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alejandro Morales\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/\"},\"author\":{\"name\":\"Alejandro Morales\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#\\\/schema\\\/person\\\/98e26355e45276a375d69c967ddeeacb\"},\"headline\":\"Comprehensive guide to cybersecurity crisis management: doubts and lessons from the great Spanish blackout of 2025\",\"datePublished\":\"2025-05-20T09:28:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/\"},\"wordCount\":1068,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certuslegalfirm.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/crisis-ciberseguridad-certus.jpg\",\"keywords\":[\"Crisis Management\",\"Cybercrime\",\"Cybersecurity\",\"Cybersecurity crisis\",\"Legal counselling\",\"Online Security\"],\"articleSection\":[\"\u200e New technologies\",\"Legal\",\"Startups\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/\",\"url\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/\",\"name\":\"Comprehensive cybersecurity crisis management guide\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certuslegalfirm.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/crisis-ciberseguridad-certus.jpg\",\"datePublished\":\"2025-05-20T09:28:10+00:00\",\"description\":\"To manage a cybersecurity crisis, companies need a plan that combines technology, law, reputation and finance.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certuslegalfirm.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/crisis-ciberseguridad-certus.jpg\",\"contentUrl\":\"https:\\\/\\\/certuslegalfirm.com\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/crisis-ciberseguridad-certus.jpg\",\"width\":850,\"height\":450},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Main\",\"item\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Comprehensive guide to cybersecurity crisis management: doubts and lessons from the great Spanish blackout of 2025\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/\",\"name\":\"Certus Legal Firm\",\"description\":\"Tu partner de servicios legales y fiscales especializados\",\"publisher\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#organization\",\"name\":\"Certus\",\"url\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certuslegalfirm.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/certus-imagen-destacada.jpg\",\"contentUrl\":\"https:\\\/\\\/certuslegalfirm.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/certus-imagen-destacada.jpg\",\"width\":741,\"height\":389,\"caption\":\"Certus\"},\"image\":{\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.instagram.com\\\/certuslegalfirm\\\/\",\"https:\\\/\\\/es.linkedin.com\\\/company\\\/certus-legal-firm\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/#\\\/schema\\\/person\\\/98e26355e45276a375d69c967ddeeacb\",\"name\":\"Alejandro Morales\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/73af4149bfb1afb0100d57f1bef709319a8b9d623980d90ee8b550a30d02d960?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/73af4149bfb1afb0100d57f1bef709319a8b9d623980d90ee8b550a30d02d960?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/73af4149bfb1afb0100d57f1bef709319a8b9d623980d90ee8b550a30d02d960?s=96&d=mm&r=g\",\"caption\":\"Alejandro Morales\"},\"sameAs\":[\"http:\\\/\\\/novalo.es\"],\"url\":\"https:\\\/\\\/certuslegalfirm.com\\\/en\\\/author\\\/gestion\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Comprehensive cybersecurity crisis management guide","description":"To manage a cybersecurity crisis, companies need a plan that combines technology, law, reputation and finance.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/","og_locale":"en_US","og_type":"article","og_title":"Comprehensive cybersecurity crisis management guide","og_description":"To manage a cybersecurity crisis, companies need a plan that combines technology, law, reputation and finance.","og_url":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/","og_site_name":"Certus Legal Firm","article_published_time":"2025-05-20T09:28:10+00:00","og_image":[{"width":850,"height":450,"url":"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2025\/05\/crisis-ciberseguridad-certus.jpg","type":"image\/jpeg"}],"author":"Alejandro Morales","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Alejandro Morales","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#article","isPartOf":{"@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/"},"author":{"name":"Alejandro Morales","@id":"https:\/\/certuslegalfirm.com\/en\/#\/schema\/person\/98e26355e45276a375d69c967ddeeacb"},"headline":"Comprehensive guide to cybersecurity crisis management: doubts and lessons from the great Spanish blackout of 2025","datePublished":"2025-05-20T09:28:10+00:00","mainEntityOfPage":{"@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/"},"wordCount":1068,"commentCount":0,"publisher":{"@id":"https:\/\/certuslegalfirm.com\/en\/#organization"},"image":{"@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2025\/05\/crisis-ciberseguridad-certus.jpg","keywords":["Crisis Management","Cybercrime","Cybersecurity","Cybersecurity crisis","Legal counselling","Online Security"],"articleSection":["\u200e New technologies","Legal","Startups"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/","url":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/","name":"Comprehensive cybersecurity crisis management guide","isPartOf":{"@id":"https:\/\/certuslegalfirm.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#primaryimage"},"image":{"@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2025\/05\/crisis-ciberseguridad-certus.jpg","datePublished":"2025-05-20T09:28:10+00:00","description":"To manage a cybersecurity crisis, companies need a plan that combines technology, law, reputation and finance.","breadcrumb":{"@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#primaryimage","url":"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2025\/05\/crisis-ciberseguridad-certus.jpg","contentUrl":"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2025\/05\/crisis-ciberseguridad-certus.jpg","width":850,"height":450},{"@type":"BreadcrumbList","@id":"https:\/\/certuslegalfirm.com\/en\/comprehensive-guide-to-cybersecurity-crisis-management-doubts-and-lessons-from-the-great-spanish-blackout-of-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Main","item":"https:\/\/certuslegalfirm.com\/en\/"},{"@type":"ListItem","position":2,"name":"Comprehensive guide to cybersecurity crisis management: doubts and lessons from the great Spanish blackout of 2025"}]},{"@type":"WebSite","@id":"https:\/\/certuslegalfirm.com\/en\/#website","url":"https:\/\/certuslegalfirm.com\/en\/","name":"Certus Legal Firm","description":"Tu partner de servicios legales y fiscales especializados","publisher":{"@id":"https:\/\/certuslegalfirm.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certuslegalfirm.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certuslegalfirm.com\/en\/#organization","name":"Certus","url":"https:\/\/certuslegalfirm.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certuslegalfirm.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2021\/11\/certus-imagen-destacada.jpg","contentUrl":"https:\/\/certuslegalfirm.com\/wp-content\/uploads\/2021\/11\/certus-imagen-destacada.jpg","width":741,"height":389,"caption":"Certus"},"image":{"@id":"https:\/\/certuslegalfirm.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.instagram.com\/certuslegalfirm\/","https:\/\/es.linkedin.com\/company\/certus-legal-firm"]},{"@type":"Person","@id":"https:\/\/certuslegalfirm.com\/en\/#\/schema\/person\/98e26355e45276a375d69c967ddeeacb","name":"Alejandro Morales","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/73af4149bfb1afb0100d57f1bef709319a8b9d623980d90ee8b550a30d02d960?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/73af4149bfb1afb0100d57f1bef709319a8b9d623980d90ee8b550a30d02d960?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/73af4149bfb1afb0100d57f1bef709319a8b9d623980d90ee8b550a30d02d960?s=96&d=mm&r=g","caption":"Alejandro Morales"},"sameAs":["http:\/\/novalo.es"],"url":"https:\/\/certuslegalfirm.com\/en\/author\/gestion\/"}]}},"_links":{"self":[{"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/posts\/16345","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/comments?post=16345"}],"version-history":[{"count":0,"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/posts\/16345\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/media\/16342"}],"wp:attachment":[{"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/media?parent=16345"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/categories?post=16345"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certuslegalfirm.com\/en\/wp-json\/wp\/v2\/tags?post=16345"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}