German companies underestimate cyber risks | Pentest7

top cybersecurity companies

The majority of managers in Germany believe that their company is well positioned when it comes to IT security. In view of costly security incidents in almost half of those surveyed, this is probably too optimistic.

There is a mismatch between confidence and actual risk. A recent study by Arctic Wolf shows that seven out of ten (70 percent) German executives believe their companies are just as secure or more secure than those of their European competitors. In addition, 84 percent have confidence in their employees’ ability to detect a cyber attack. Despite this generally high level of confidence in their own cyber defence, almost half (45 percent) of the companies surveyed have suffered damage of at least 86,000 euros in the last twelve months in connection with a security incident. In addition, less than half of the companies (42 percent) conduct safety training more than once a year.

1,700 IT decision-makers and executives worldwide took part in the Arctic Wolf study, 300 of them from Germany. After a year of spate of cyberattacks, the survey data shows how executives feel about various cybersecurity and business issues.

Companies willing to pay ransom despite trust in security defense

IT decision-makers and executives in Germany have great confidence in the IT security measures of their companies. 70 percent are of the opinion that their company is just as secure or more secure than that of their European competitors. Furthermore, almost four in ten (37 percent) executives believe that cyber attacks pose no threat to them at all, even though threats and security incidents have increased significantly in the last year.

Despite the general belief, almost 60 percent of executives would be willing to pay at least 50,000 euros to threat actors to resume business operations, for example in the event of a ransomware attack. Only one in four (26 percent) companies said they were not at all prepared to pay the ransom. 30 percent of respondents also admitted that their company knowingly concealed a security incident to protect the company’s reputation.

“Fast-changing cyber threats and misplaced confidence in cyber protection create enormous, often hidden, business risk. Unfortunately, many companies are not aware of these risks before they are hit by a cyber attack,” said Dr. Sebastian Schmerl, Director of Security Services for EMEA at Arctic Wolf. “People who rely solely on implementing proactive security controls to secure their organization run the risk of overlooking risk—both in mindset and design. Today’s highly complex IT infrastructures and the impossibility of 100 percent preventive protection against attackers underline the importance of security operations. These are critical to setting up 24×7 threat monitoring and response. In this way, security incidents can be identified quickly, appropriate measures can be taken and costly attacks can be avoided.”

Private sector skeptical about government’s ability to contain cyber threats

Despite the ongoing geopolitical discussions about ransomware, only 16 percent of business leaders see diplomacy as an effective way to contain cyberattacks. On the other hand, 25 percent believe that better relations between the public and private sectors could help contain the cyber crisis.

Fears of nation-state attacks persist, with Russia overtaking China as the biggest threat

More than half (51 percent) of executives in Germany rate Russia as the source of the most dangerous cyber threats for their company. China (43 percent) is ranked as the second highest threat. In comparison, less than half of UK and North American executives (41 percent) rank Russia as the most dangerous nation-state in terms of cyber attacks.

Leave a Reply

Your email address will not be published.