eco IT Security Survey 2023: A New Era in IT Security

  • 84 per cent of IT experts see a worsening of the cyber threat situation due to the Ukraine war
  • eco Board Member Prof. Norbert Pohlmann on the occasion of the Munich Security Conference: “Must also look at cybersecurity in geopolitical terms”
  • eco Initiative Ransomware gives 10 tips for preventing and dealing with ransomware attacks

The threat situation is growing, say 93 per cent of the IT experts surveyed. One factor that has contributed to this is the Ukraine war. 84 per cent of IT security experts believe that the war of aggression against Ukraine has exacerbated the threat situation. These are the results of the eco IT Security Survey 2023. Since 2010, eco – Association of the Internet Industry has been surveying the mood of the Internet industry about IT security in Germany and recently interviewed more than 100 experts from the IT security industry.

“The turnaround invoked by Chancellor Olaf Scholz must also affect the global IT security structure”, says eco Board Member Prof. Norbert Pohlmann. “Organised cybercrime, but also state actors, are increasingly using cyberspace specifically for attacks on companies, as well as on public infrastructures. It has therefore never been more important to also look at cybersecurity in geopolitical terms and prepare for different attack scenarios.”

According to the survey, the experts agree, as in previous years, that German industry as a whole is inadequately positioned in terms of IT security. Their assessment has become more severe in recent years. In 2021, 66 per cent rated the efforts of the industry as “insufficient”; today, 77 per cent have come to this sombre conclusion.

SMEs in the focus of cybercriminals

In contrast, the experts are rather optimistic about IT security in their own companies: 53 per cent of respondents say their own company is very well or well protected, while 28 per cent believe their company is sufficiently protected. Around 13 per cent of companies had at least one serious security incident last year. Compared to the two previous years, there has been a slight decline.

“The discrepancy in the assessment of one’s own security situation and the actual security situation in Germany in general shows how difficult it is even for experts to correctly assess the threat,” says Oliver Dehning, Head of the Security Competence Group at eco – Association of the Internet Industry. “Without being aware of it, many SMEs in particular are the focus of internationally operating cybercrime networks.”

Practical assistance against ransomware

In the vast majority of companies, those responsible for IT security take measures to prepare for a worst-case scenario and to sensitise their employees. In this regard, 70 per cent of the respondents state that they conduct regular employee training, while only 3 per cent completely refrain from this measure. In addition to continuous training of employees to increase awareness in the fields of security and phishing, emergency planning is currently one of the top security topics for the companies surveyed. More than 70 per cent have defined internal processes to defend against a cyber attack and have already established contingency plans.

In order to minimise the risk of a successful ransomware attack from the outset, companies such as Sophos, Microsoft and Rohde & Schwarz provide practical assistance with the Ransomware Initiative under the umbrella of eco – Association of the Internet Industry.

The initiative recommends the following technical and organisational precautions:

  1. Create cybersecurity awareness among your employees. Phishing, whether by mail or by phone, is one of the most successful tools of cybercriminals.
  2. Use strong passwords and, where possible, strong multi-factor authentication.
  3. Allow external connections to internal systems only from specified IP addresses or via VPN.
  4. Be sparing with the assignment of user rights. Administrator rights in particular should be reserved exclusively for expert IT staff.
  5. Allow apps to be installed only from trusted sources.
  6. Unusual network activity is a clear alarm signal: react to warnings from your monitoring software.
  7. Disable scripting environments and macros from external sources. The majority of malware is introduced via Office files.
  8. Install updates for the software and operating systems used in a timely manner.
  9. Review your Business Continuity Management (BCM) and IT contingency plans and be prepared to temporarily operate without external service providers in the event of a large-scale cyber attack.
  10. Review and test your backup strategy. Backups of all business-critical systems should exist, and restoring from them should be tested.

Download the eco IT Security Survey 2023

