Tell us a little about yourself. What does your job at Telefónica involve?
I work in the Cyber Products and Services area at Telefónica Tech, where I am responsible for the Threat Intelligence and Offensive Security portfolio. I design, develop and position cybersecurity services with the aim of offering companies services that protect them and prepare them for the cyber threats that affect them and evolve at a rapid pace every day.
I work hand in hand with leading technologies in the sector and, most importantly, with incredible people who bring exceptional knowledge and commitment to the table. My day-to-day work is very dynamic because I interact with many different areas: operations, sales, pre-sales, marketing, legal, compliance… and we do this internationally, working closely with teams in Spain, the United Kingdom, the United States, Latin America and other countries where we operate.
It is a role that requires strategic vision, coordination skills and a passion for understanding both technology and business.
What is the importance of cybersecurity?
Cybersecurity today is not just a matter of protection, it is a strategic enabler for business. In an environment where threats evolve at the same speed as technological innovation, ensuring the security of digital assets is essential to maintaining trust, operational continuity and competitiveness.
Furthermore, cybersecurity is not limited to defending the perimeter: it seeks to build resilient organisations capable of anticipating, resisting and quickly recovering from any incident. And here Telefónica Tech has an essential role as a provider of managed cybersecurity services worldwide.
How has it evolved in recent years?
It has changed overnight. A few years ago, cybersecurity was almost an ‘extra’ for companies; today it is a strategic necessity.
We have moved from a model based mainly on perimeter protection, as if it were enough to build a wall around the organisation, to a much more dynamic and distributed strategy, where it is assumed that threats can arise both outside and inside the corporate environment.
In addition, the attack surface has grown exponentially. Now we not only protect data centres and internal networks, but also cloud services, mobile devices, industrial environments, IoT and users working from anywhere in the world.
Added to this is the professionalisation of threats. Cyberattacks are no longer the work of amateurs, but of highly structured criminal organisations and even state-sponsored actors.
In response to this situation, cybersecurity has had to evolve to incorporate artificial intelligence, automation, advanced detection and response, Zero Trust, proactive exposure-based protection and digital resilience frameworks.
Today, security is no longer just a technical area, but a critical business function that is at the heart of organisations’ digital transformation strategies.
What influence has the development of new technologies had on this evolution?
Without a doubt, the development of new technologies has had a huge influence on the evolution of cybersecurity. New technologies such as artificial intelligence, 5G, the cloud and the IoT have changed the rules of the game. They have opened up impressive opportunities, but they have also created new attack vectors.
It’s a bit like when the car was invented. It allowed us to go further and faster, but it also forced us to invent traffic lights, seat belts and traffic rules. The same is true in cybersecurity: every technological advance means designing new ways to protect it.
Why is it important to be able to anticipate threats?
Because in cybersecurity, time is against you. If you detect a threat after it has already been exploited, the damage is probably already done. Anticipating means understanding trends, knowing the techniques attackers use and strengthening your defences before it’s too late.
It’s not just about ‘seeing the problem coming’, but about being one step ahead to neutralise it before it has a real impact. Being able to act before the threat materialises is a competitive advantage and a must for any organisation that wants to ensure its continuity and reputation.
Which is more important: anticipating potential threats or being prepared to deal with them?
The politically correct answer would be ‘both’, but if I had to choose… get ahead. Anticipating threats allows you to reduce risks before they occur. Of course, the reality is that no protection is perfect, so you also need to be prepared to respond quickly and effectively when something slips through. It’s like having a good umbrella and knowing how to run fast when it starts raining.
We could say that anticipation is the ‘proactivity’ needed to minimise the chances of an attack, while preparedness is the ‘intelligent reactivity’ that ensures that, when an attack does occur, the impact is minimal and recovery is quick and effective.
In practice, the most mature organisations combine both capabilities in a risk management approach, aligned with frameworks such as Continuous Threat Exposure Management (CTEM), where prevention, early detection, agile response and resilience are integrated into a cycle of continuous improvement.
What are reactivity and cyber resilience?
Reactivity is the ability to act quickly when you detect a problem: contain the attack, eradicate it and recover.
Cyber resilience goes one step further. It is the ability to prepare, resist, adapt and recover from cybersecurity incidents. It is not just about surviving an attack, but about continuing to function and learning to become stronger. It is not just about dodging the blow, it is about falling and getting up more prepared.
In this sense, international frameworks and regulations (such as DORA in the financial sector or NIS2 at European level) increasingly require organisations not only to protect themselves, but also to demonstrate their ability to be resilient to cyber attacks. Resilience is therefore no longer an option, it is a key expectation for customers, partners and regulators.
How important is cybersecurity in the financial sector?
Cybersecurity in the financial sector is absolutely critical. We are talking about a sector that manages large volumes of sensitive data, economic assets and transactions that are vital not only for organisations but also for the stability of the entire economy. In fact, it is one of the most attacked sectors.
A security breach can have disastrous consequences, not only causing significant financial losses, but also damaging trust, which in the financial world is almost more valuable than capital itself. That is why it is one of the most heavily regulated sectors: regulations such as DORA, NIS2 and PSD2 require organisations to be not only secure, but also resilient.
And, of course, we cannot forget the importance of innovation in this sector. Digital payments, open banking, cloud services, etc. require a much more dynamic approach to security. In this sense, cybersecurity is what allows the financial system to evolve safely.
Which people working at Telefónica would you nominate for this interview because you consider them excellent at their job?
I would like to nominate my two colleagues in arms: Martina Matarí González and María Martinez Martín. I am very proud to share my day-to-day work with them!
