Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Cybersecurity Risk Management and Strategy Disclosure	Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	ITEM 16K. CYBERSECURITY Cybersecurity Risk Management and Strategy We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our digital products and services, industrial systems and Internet connected assets (collectively, “digital and technological environments” or “DT environments”), and the information generated and used in all processes and operations that support business activities (collectively, “Confidential Information”). We design and assess our program based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). This does not imply that we meet any particular technical standards, specifications or requirements, only that we use the NIST CSF as a guide to help us identify, assess and manage cybersecurity risks relevant to our business. Separately, our program has also been certified as meeting the requirements of the International Organization for Standardization (“ISO”) 27001 security standard. Our cybersecurity risk management program is integrated into our overall enterprise risk management program, and shares common methodologies, reporting channels and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas. Key elements of our cybersecurity risk management program include but are not limited to the following: ▪a risk management methodology, which we use as a guide to help us identify and manage privacy related risks; ▪risk assessments designed to help identify potential material cybersecurity risks to our DT environments and Confidential Information. ▪a security team lead by Ferrovial Global Chief Information Security Officer (Global CISO), principally responsible for managing (1) our cybersecurity risk assessment processes, (2) our security controls, platforms and portfolio and (3) our response to cybersecurity incidents; ▪the use of external service providers, where appropriate, to assess, test or otherwise assist with aspects of our security controls; ▪cybersecurity awareness training of our employees, incident response personnel, and senior management; ▪a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents; and ▪a third-party risk management process for key service providers based on our assessment of their criticality to our operations and respective risk profile. We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected us, including our operations, business strategy, results of operations, or financial condition. We face risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations or financial condition. See “3. Key Information— D. Risk Factors—1. Risks Related to Our Business and Structure—4”. The increase in digitalization and consequently, the increased risk of cyber threats and misuse of quantum technology, may affect our normal operation of assets and our ability to generate expected value, which could have a material adverse effect on our business, financial condition, and results of operations.”
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	Our cybersecurity risk management program is integrated into our overall enterprise risk management program, and shares common methodologies, reporting channels and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas. Key elements of our cybersecurity risk management program include but are not limited to the following: ▪a risk management methodology, which we use as a guide to help us identify and manage privacy related risks; ▪risk assessments designed to help identify potential material cybersecurity risks to our DT environments and Confidential Information. ▪a security team lead by Ferrovial Global Chief Information Security Officer (Global CISO), principally responsible for managing (1) our cybersecurity risk assessment processes, (2) our security controls, platforms and portfolio and (3) our response to cybersecurity incidents; ▪the use of external service providers, where appropriate, to assess, test or otherwise assist with aspects of our security controls; ▪cybersecurity awareness training of our employees, incident response personnel, and senior management; ▪a cybersecurity incident response plan that includes procedures for responding to cybersecurity incidents; and ▪a third-party risk management process for key service providers based on our assessment of their criticality to our operations and respective risk profile.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]	We have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected us, including our operations, business strategy, results of operations, or financial condition. We face risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations or financial condition. See “3. Key Information— D. Risk Factors—1. Risks Related to Our Business and Structure—4”. The increase in digitalization and consequently, the increased risk of cyber threats and misuse of quantum technology, may affect our normal operation of assets and our ability to generate expected value, which could have a material adverse effect on our business, financial condition, and results of operations.”
Cybersecurity Risk Board of Directors Oversight [Text Block]	Cybersecurity Governance Our Board considers cybersecurity risk as part of its risk oversight function and monitors cybersecurity and other information technology risks. The Board also oversees management’s implementation of our cybersecurity risk management program. Once a year, the Board receives from our Global CISO a presentation on our cybersecurity risks, the status of our cybersecurity program and general cybersecurity topics that impact public companies. In addition, the Global CISO updates the Board, where they deem appropriate, regarding any significant cybersecurity incidents, as well as any incidents considered to be potentially significant. The Global CISO, together with the Ferrovial Head of Cybersecurity Governance and Business Continuity, the Ferrovial Head of Cybersecurity Operations, and the local CISOs of our various Business divisions and subsidiaries (collectively, the “Cybersecurity Management Team”), is responsible for assessing and managing our material risks from cybersecurity threats and allocating resources to implement the cybersecurity program. The team has primary responsibility for our overall cybersecurity risk management program and supervises both our internal cybersecurity personnel and our retained external cybersecurity consultants. Our Cybersecurity Management Team’s general experience includes: ▪Cybersecurity Governance, Risk & Compliance. ▪Cybersecurity Risk Management. ▪Control Framework Management and Assessment. ▪Third Party Risk Management. ▪Business Continuity Management. ▪Vulnerability Management. ▪Identity & Access Management and Protection. ▪Cybersecurity Culture and Awareness.. ▪Audit and eDiscovery Management. ▪Cybersecurity Operations and Architectures. ▪Monitoring and Correlation. ▪Incident Detection and Response. ▪Endpoint Security. ▪Security in Communications Networks and Perimeters. ▪Cloud Security. ▪Application Security. ▪Attack Surface Management. ▪Threat Intelligence. ▪Information Protection. ▪Security in Software Development Lifecycle. ▪ OT/IoT Security. ▪Cybersecurity Automation. Specifically, the Ferrovial Global CISO is a security professional with more than 25 years of IT and cybersecurity experience gained in a variety of companies and sectors with a balanced mix of strategy, management and operational security skills developed in multicultural international environments, analyzing and delivering secure, cost effective services in complex and high value business environments. Over his career, he has obtained ISACA CISA, CISM, CRISC and CDPSE qualifications and complemented his education by completing an IESE Business School Management Development Program (PDD) and an ESADE Business School Global Management Program (GMP). He is trusted and relied upon by our executive management team to establish security governance and design a culture throughout Ferrovial, that places an emphasis on building and leading internal teams at all levels to transform, embed and improve security throughout the Organization. The Ferrovial Head of Cybersecurity Governance and Business Continuity has 20 years of experience in cybersecurity, developing global governance, risk and control models, and deploying them in complex, heterogeneous and multicultural environments. Over his career, he has obtained ISACA CISA and CISM qualifications and ISO 27001 LA & LI and ISO 22301 LA certifications and complemented his education by completing an IT Governance Program provided by Universidad of Deusto. He is a professor, collaborator and occasional speaker in associations focused on the practice of cybersecurity and privacy. The Ferrovial Head of Cybersecurity Operations is a seasoned cybersecurity, communications, and cloud professional with over 15 years of experience in managing and deploying international security services, including prevention, detection, response, and auditing. He has played a pivotal role in technological and operational transformations and the extension of cybersecurity frameworks to corporate and OT/IoT environments, and leading cybersecurity initiatives in major corporate carve-outs. He has also completed executive programs at IMD Business School, IE Business School, and Universitas Ferrovial and obtained his master’s degree in DevOps from Universidad de La Rioja. He holds multiple industry-recognized certifications, including Fortinet (FCNSA & FCNSP), Checkpoint (CCSA & CCSE), Microsoft Azure Fundamentals, Bluecoat (BCCPA & BCCPP), and Cisco CCNA. The Ferrovial Construction local CISO is a seasoned technology professional with over 18 years of experience in cybersecurity, technology risk management, compliance, and internal audit. He possesses a senior profile with a multidisciplinary background and a proven history of managing international projects. His expertise includes advising senior management and implementing significant information security transformation and cultural change programs. He holds a master’s degree in computer science and engineering from Universidad Autónoma de Madrid and has completed Executive Management Programs at IE, Headspring, and The Power Business Schools. Throughout his career, he has obtained numerous professional certifications, including ISACA's CISA, COBIT, ITIL, BS25999, and CCI's Green Level Professional. The Ferrovial CINTRA EU and NM local CISO is a security professional with more than 20 years of experience spanning several multinational companies, in roles including IT Security Manager, Head of IT Audit, CIO and CISO. Over his career, he has obtained several information security qualifications such as CISA, CISM, CRISC, Business Continuity Lead Auditor and Green Level in Industrial Cybersecurity. He has also complemented his education with an IE Business School Management Development Program. The Ferrovial CINTRA USA local CISO is an information technology professional with over 25 years of experience in cybersecurity, technical architecture design, systems implementation, operation, and maintenance. He holds a bachelor’s degree in computer science from Universidad Tecnológica Simon Rodriguez de Venezuela, and a master’s degree in computer network technology from Herzing University. Throughout his career, he has obtained numerous professional certifications, including ISACA's CISA, ITIL, Cisco Certified Network Associate, Microsoft Certified Systems Engineer, VMware Certified Professional, Red Hat Certified Engineer, Microsoft® Certified Azure Fundamental, and Microsoft® Certified Azure Security Engineer. The Ferrovial Energy local CISO has over 20 years of experience in technology and risk management across various sectors. He supplements his professional life with teaching and is also a member of advisory boards and collaborates with associations focused on cybersecurity and privacy. He holds a degree in Computer Engineering from Universidad Autónoma of Madrid and has multiple risk management and security certifications (CISSP, CISA, CISM, CRISC, CDPSE, CSX-F and ISO 27001). Additionally, he is certified as a Security Chief and Security Director by the Ministry of the Interior of Spain. In addition to completing a board member program at ESADE, he is currently finishing a degree in Business Management at Universidad Ramon Llull – LaSalle and an Executive MBA at EAE Business School. Our management team supervises efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents through various means, which may include: briefings from security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the digital environment.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	Specifically, the Ferrovial Global CISO is a security professional with more than 25 years of IT and cybersecurity experience gained in a variety of companies and sectors with a balanced mix of strategy, management and operational security skills developed in multicultural international environments, analyzing and delivering secure, cost effective services in complex and high value business environments. Over his career, he has obtained ISACA CISA, CISM, CRISC and CDPSE qualifications and complemented his education by completing an IESE Business School Management Development Program (PDD) and an ESADE Business School Global Management Program (GMP).
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	Once a year, the Board receives from our Global CISO a presentation on our cybersecurity risks, the status of our cybersecurity program and general cybersecurity topics that impact public companies. In addition, the Global CISO updates the Board, where they deem appropriate, regarding any significant cybersecurity incidents, as well as any incidents considered to be potentially significant.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	Ferrovial Global CISOFerrovial Head of Cybersecurity Governance and Business ContinuityFerrovial Head of Cybersecurity OperationsFerrovial Construction local CISOFerrovial CINTRA EU and NM local CISOFerrovial CINTRA USA local CISO
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	the Ferrovial Global CISO is a security professional with more than 25 years of IT and cybersecurity experienceThe Ferrovial Head of Cybersecurity Governance and Business Continuity has 20 years of experience in cybersecurity, developing global governance, risk and control models, and deploying them in complex, heterogeneous and multicultural environmentsThe Ferrovial Head of Cybersecurity Operations is a seasoned cybersecurity, communications, and cloud professional with over 15 years of experience in managing and deploying international security services, including prevention, detection, response, and auditingThe Ferrovial Construction local CISO is a seasoned technology professional with over 18 years of experience in cybersecurity, technology risk management, compliance, and internal auditThe Ferrovial CINTRA EU and NM local CISO is a security professional with more than 20 years of experience spanning several multinational companies, in roles including IT Security Manager, Head of IT Audit, CIO and CISO.The Ferrovial CINTRA USA local CISO is an information technology professional with over 25 years of experience in cybersecurity, technical architecture design, systems implementation, operation, and maintenance.The Ferrovial Energy local CISO has over 20 years of experience in technology and risk management across various sectors.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	Our management team supervises efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents through various means, which may include: briefings from security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the digital environment.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true