Cyber attacks: German companies are poorly protected

A current Bitkom study shows how poorly prepared German companies are for cyber attacks. Only every second company has an emergency plan, every fourth company wants to do without internal training in the future.


Preparing for cyber attacks also seems to be a question of company size. This is suggested by a survey for which Bitkom Research commissioned the Bitkom digital association to question 1,066 companies from all sectors. Large companies with 100 to 500 employees (71 percent) and 500 or more employees (78 percent) have drawn up an emergency plan much more frequently than smaller companies with 10 to 99 employees (51 percent). Overall, only every second company in Germany (54 percent) has an emergency plan with written procedures and ad hoc measures in the event of data theft, espionage or sabotage.


There is no time to waste

Time is a crucial component in defending against a cyber attack, as Simran Mann points out. Specifically, the speaker on security policy at Bitkom e.V. points out: “Any company can become a victim of cyber attacks, regardless of the industry and size. Once the company IT is infected or paralyzed, companies incur high costs, which can go as far as weeks of production downtime.” All companies should therefore make appropriate preparations and draw up a clear emergency plan so that they do not lose protected time in the worst case.


One in four companies continues to forgo training

As the study shows, German companies also have some catching up to do when it comes to raising employee awareness. Only 6 out of 10 of the companies surveyed (61 percent) conduct regular training courses on security topics. Another 13 percent plan to offer training courses in the future. Conversely, this means that every fourth company (25 percent) wants to do without it in the future.

Simran Mann also emphasizes how important it can be to train employees on the subject of cybersecurity: “Employees can make cyber attacks easier or more difficult – they are the first line of defense against cyber criminals. Companies should definitely inform about risks and types of attacks and give tips for the right behavior.”

Source: Bitkom