One in seven companies in Germany without IT security measures

Although the majority of German companies have had to deal with at least one cybersecurity incident in the past twelve months, almost 40 percent still believe their IT systems are optimally protected.

What cybersecurity risks pose a threat to your company in the next twelve months? What measures is your company taking to protect its IT infrastructure? Europe's leading crowdsourced security platform YesWeHack asked 512 IT decision makers in Germany these and other questions. "Kroker's Look @ IT" presents the results of the survey today exclusively in advance.

According to the results, half of the companies surveyed had to deal with at least one cybersecurity incident in the last twelve months. Three in ten respondents report one to ten attacks (29 percent), while eleven percent report eleven to 20 incidents. Five percent of firms even report more than 50 IT security incidents.

The study participants were most frequently confronted with access control problems, such as insecure design or implementation of authentication and authorization mechanisms, in the last twelve months. Nearly one in two respondents had to deal with such a security incident (48 percent).

Nevertheless, more than one-third of study participants (38 percent) say their company's IT systems are optimally protected against cyberattacks and that the necessary knowledge about cybersecurity is available among IT staff.

Growing attack surface and complexity is currently the greatest challenge

Seven out of ten companies use endpoint security solutions to ensure their IT security. Thirty-nine percent rely on security awareness training for their employees; and 26 percent rely on audits and pen testing.

Remarkably, one in seven companies takes no IT protection measures at all (14 percent). A further five percent of the IT decision-makers surveyed could not provide any information on the question of defense methods.

One in three companies also has no person or group primarily responsible for IT security and risk management (31 percent). Forty percent of the companies surveyed name the CTO or CIO as the main person responsible, and only 17 percent have a dedicated chief information security officer (CISO).

For 37 percent of IT teams, the continuously growing attack surface and complexity, driven by digital transformation, is currently the biggest challenge in defending against cyberattacks.

34 percent perceive the sharp increase in cyberattacks across all industries and company sizes as the biggest threat. 32 percent are concerned about the increased number of attack points due to the work situation of home office employees.

Comments

Post a Comment

Popular posts from this blog

Chrome targeted by criminals: Why users need to update quickly now

A security vulnerability in Google Chrome is currently being exploited by cyber criminals. Malware could land on your PC through it. Read here how you can protect yourself. The Google Chrome browser is currently struggling with some security vulnerabilities. In a blog post , Google warns about a total of seven vulnerabilities, with the majority of these gaps being classified as a "high" threat to users. The vulnerabilities have been fixed in the latest version of Chrome for Windows, Linux and macOS. If you have Chrome version 90.0.4430.85 installed, it can no longer be exploited. If you have an older version of the browser installed, you should update urgently. You can find the download of the new version below these lines. Smartphone users do not have to be afraid of the security vulnerability. Google has not had to take any security measures here for the time being. The security vulnerability probably remained undiscovered by cyber criminals for the time being. So far, noth...
Read more

Face and voice recognition: Why TikTok wants to be allowed to collect biometric data in the USA

TikTok's privacy policy for the US now mentions the collection of biometric data from faces and voices. The background is likely to be a legal dispute that cost the company $92 million. Neue Datenschutzbestimmungen sind oft eher etwas für Juristen, doch die jüngste Aktualisierung von TikTok sollte alle Nutzerinnen und Nutzer in den USA aufhorchen lassen. Denn in den am 2. Juni aktualisierten Datenschutzbestimmungen für die USA ist ein Abschnitt enthalten, den es zuvor nicht gab. Er lautet übersetzt: »Wir sammeln möglicherweise biometrische Identifikationsmerkmale und biometrische Informationen, wie sie im US-Recht definiert sind, wie etwa von deinem Gesicht und deiner Stimme, aus deinen Inhalten.« Im englischsprachigen Original ist von »faceprint« und »voiceprint« die Rede. »Bevor wir damit anfangen«, frage man jedoch nach dem Einverständnis, wenn dies gesetzlich nötig sei, fügte noch TikTok hinzu. In response to an initial inquiry from "TechCrunch" about the ba...
Read more

Microsoft Teams, Zoom, WebEx: Berlin authority warns against popular video systems

After an initial data protection audit, some video service providers have made improvements to their offerings. But the Berlin data protection commissioner still sees serious shortcomings. The State Commissioner for Data Protection in Berlin (Germany), Maja Smoltczyk, advises against using leading video conferencing systems such as Microsoft Teams, Skype, Zoom, Google Meet, GoToMeeting, Teamviewer and Cisco WebEx. The reason is a retest of various offerings. After a number of services had already failed a test of data protection requirements last year, a new test of the major providers did not reveal any substantial improvement. Smoltczyk said that she was pleased "that our comments had persuaded so many providers to improve their offerings, in some cases very significantly, in terms of data protection". There are now enough legally compliant services for a wide range of purposes that there is no reason to break data protection law for video conferencing. However, if a provid...
Read more