Caring for those who care: Prosegur looks after its human capital
Access the full article
.webp)
How can a company move from reacting to incidents to anticipating them? We spoke with David Fernández Granado, CEO of Cipher, and Daniel G. Gago, CISO of Nalanda – Once For All, to learn how a strategy based on artificial intelligence, automation, and human support has elevated the company's protection to a new level of maturity.
The average expenditure on cybersecurity by Spanish medium-sized companies represents around 4% of their total IT budget. In 2024 alone, Spain received a total of 97,348 cybersecurity incidents managed by INCIBE, representing an increase of 16.6% compared to 2023. Of these incidents, 31,540 affected companies, including SMEs and self-employed workers.
With almost 100,000 incidents per year and rising, it is clear that cybersecurity is a real and growing problem. On average, corporate budgets dedicated to this area increased by between 6% and 10%, while one in five companies plans to increase their spending by more than 11% compared to the previous year.
This is the case of Nalanda – Once For All, a company dedicated to document management and supplier approval in highly regulated sectors. Every day, it processes thousands of documents and interactions between companies, a volume that requires maintaining the traceability, confidentiality, and availability of information at all times.
To guarantee this level of control, the company decided to strengthen its protection model by relying on Cipher, Prosegur's cybersecurity division, which deployed its xMDR (Extended Managed Detection and Response) model. The challenge was no small feat: gaining visibility into threats and reducing risk exposure in an ever-changing environment.
The relationship between the two companies went beyond the scope of a conventional technology implementation. According to Daniel G. Gago, CISO Iberia and Latam at Nalanda – Once For All, “The main challenge was to achieve complete visibility of the environment without losing operational capacity or increasing the workload on internal teams.” This balance between control and agility marked the starting point of the project, which opted for a frictionless security philosophy focused on accompanying the evolution of processes without interrupting them.
From the outset, the deployment was designed not to disrupt the organization's operations. “For us, it was essential that security reinforced trust, not slowed it down,” says Gago. The xMDR model allowed the company's digital environment to be monitored in real time, correlating events and automating responses to potential incidents. All of this was done under a framework of constant collaboration between Cipher specialists and Nalanda's internal teams—Once For All.
'We don't design solutions for customers, but with customers. That difference marks the quality of the results.'
Although the deployment of an xMDR model relies on a technological infrastructure capable of integrating data sources, AI, and response automation, Fernández Granado insists that “technology alone does not work. The extra mile has to do with people.” This support is provided by the Customer Success Manager, a direct link between Cipher's technical teams and the customer's business areas.
Their role is to ensure that security decisions are aligned with the company's objectives and that service indicators translate into tangible results. In Gago's own words, “That fluid communication allowed us to set priorities and measure results without losing sight of operations,” where each incident or critical alert was handled in a coordinated manner and according to pre-established criteria.
The result was a much more controlled and efficient environment. False alarms were drastically reduced, early detection of anomalous behavior increased, and security reports became a real source of strategic value.
'Our job doesn't end with detection and response; it also involves helping organizations understand what's happening and the reasons behind it.'
The figures speak for themselves. In the case of Nalanda – Once For All, threat visibility increased exponentially thanks to the incorporation of new detection use cases, going from a few to more than 500 in a matter of months, while the false positive rate fell below 2%, freeing up internal resources to devote more time to strategic analysis and continuous improvement.
From an operational standpoint, the qualitative leap has been evident. “Today we can act before an incident has a real impact. The automation and predictive capabilities of the system give us room to anticipate,” explains Gago. It also allows improvements to be incorporated without interrupting service continuity, which is essential in companies with an international presence and critical processes in place.
At Cipher, the results are interpreted as validation of a model where threat intelligence, automated technology, and human talent reinforce each other.
%20(1).webp)
'The xMDR model identifies threats and, at the same time, learns from what it finds. Alerts and suspicious behavior feed into a knowledge base that we then redistribute across our entire global network of customers.'
The case of Nalanda – Once For All reflects a broader change within the sector. The trend is towards European solutions that prioritize technological sovereignty and data protection under local standards. xMDR is a platform developed entirely by Cipher, with Spanish intellectual property and global deployment capabilities, meaning that data is managed in accordance with European regulatory frameworks, without relying on third countries or external providers.
The model is also designed to scale without losing control. Cipher currently operates in more than 26 countries, but maintains a unified architecture that ensures consistency in procedures and service quality. “Every customer, regardless of size or sector, has access to the same level of protection and response,” explains the CEO.
For Nalanda – Once For All, the collaboration with Cipher has meant a leap in digital maturity. The company has strengthened its security, but has also made cyber protection a compelling argument for its own customers. The conclusion reinforces the commitment of the various administrations to improving the level of digital protection of the productive fabric.
Not surprisingly, the Spanish government approved a cybersecurity plan worth €1.157 billion to increase resilience against cyberattacks, the largest public investment in this field to date. To put this data into perspective, total global spending on cybersecurity is estimated at $213 billion by 2025, with a projected increase of 12.5% by 2026.
.webp)
.webp)