Due to tense cyber security situation: German companies increase their investments in IT security
by Tina Siering
How do companies assess the level of threat?
In the IT security survey conducted by the German Internet Industry Association (eco), 54 percent of all participating companies said they had increased their investments in IT security last year. (eco) stated that they had increased their investments in IT security in the past year. The study also concludes that the absolute majority of the companies surveyed believe that the threat of cyber attacks will continue to increase.
At the beginning of 2022, almost 94 percent of the companies surveyed assessed the situation as threatening. This represents a significant increase compared to the previous year's survey. At that time, only around 77 percent of companies believed that the threat from cyber incidents was increasing. However, the trend is clear: a large proportion of German companies are now aware that cyberattacks harbor enormous potential danger. This sentiment is also consistent with the results of the recently published Allianz Risk Barometer 2022.
In addition, since the outbreak of the Ukraine war, news of cyber attacks and a "war on the Net" have also created great uncertainty in other parts of Europe. In our blog article "secion's assessment of the security threats to companies following the outbreak of the war in Ukraine", we analyzed and assessed whether the threat situation for companies has acutely worsened since the outbreak of the war.
Yet large-scale open sabotage scenarios require months or even years of preparation. The threat level in this context therefore remains as high as it was before the war began. Companies that are now compromised have probably been compromised for some time.
What threats do companies currently face to their IT security?
There are clear reasons why companies currently see IT security under such threat. In 2021, there were numerous cyberattacks that received media attention, leading companies to increase investment in their own IT security. Some of the cyber incidents that caused a stir included the Colonial Pipeline ransomware attack in the U.S. in May or the cyberattack on the Anhalt-Bitterfeld district in September and the critical Log4j vulnerability.
The Corona pandemic also helped to exacerbate the security situation on the Internet. This is because the changed structures within companies are contributing to a more complex threat situation. The trend toward home offices is a major factor here, making networks more complex and harder to control. The intermingling with home networks has created additional vulnerabilities in IT security. Cybercriminals have responded by increasing their activities.
The result is an increase in complex and targeted attacks. The attacks, which include the use of ransomware, aim to cause as much damage as possible on the enterprise side and can bring business operations to a complete halt. This advanced persistent threat situation is subsumed under the term advanced persistent threat (APT).
However, large-scale open sabotage scenarios require months or years of preparation. The threat level in this context therefore remains undiminished - as it was before the start of the war. Companies that are now compromised have probably been compromised for some time.
Many companies affected by IT security incidents
The survey also shows that around a third of German companies experienced IT security incidents in 2021 that caused damage. Within the affected companies, ransomware leads the pack with a share of 21 percent. Hacking of websites and data theft follow in equal second and third place with 18 percent. The figures make it clear that every company in Germany can be the target of a cyberattack, and that enormous damage can be caused by ransomware.
Not only large corporations are affected, but increasingly small and medium-sized companies as well. There are clear reasons for this, such as the still widespread misconception that one is not a worthwhile victim of targeted cyberattacks. Ransomware and the associated extortion have made every company a potentially interesting target. On the other hand, cybercriminals are primarily looking for easy targets. SMEs often have a limited budget when it comes to IT and IT security in particular. Accordingly, it is easier to penetrate the networks of these smaller companies.
Conclusion on the current cybersecurity situation in Germany
The cyber security situation is tense and the trend of increasing threats continues. Companies that have not yet invested in their own IT security would do well to do so as soon as possible. The basis for this is an IT security strategy. This covers all potential attack vectors. Service providers help with the creation and practical implementation of such an IT security strategy. Cloud services such as early attack detection or cloud backups also give SMEs with smaller IT budgets the opportunity to establish high standards in their own IT security.