- 18 percent of respondents had at least one serious security incident in the last 12 months - 10 percent less than the previous year.
- Emergency planning and employee awareness are the most important security topics in 2018.
Although cyber dangers are regarded as increasingly threatening, most companies are optimistic about their security concept: 62 percent of respondents feel that they are very well or at least well protected. This is shown by the recent eco IT Security Study 2018. At the same time, most IT security experts are convinced that the threat situation is continuing to grow due to cyber-criminals. In contrast to their self-assessment, 76 percent of the survey participants see German industry as a whole as poorly or insufficiently protected. Only 11 percent of those surveyed believe that German industry is well prepared against cyber attacks.
Successfully fend off attacks
“The awareness of cyber threats is growing in German companies,” says Oliver Dehning. Dehning is the Head of the Competence Group Security at eco – Association of the Internet Industry – in which experts from the member companies work closely together. “We are on the right track to reduce the number of security incidences.” Around 18 percent of the respondents stated that there has been at least one serious security incident in their company in the last 12 months. A year ago, 28 percent of companies reported that they had experienced at least one serious security incident.
Cyber attacks through DDoS or ransomware were the most frequent, but also the hacking of websites is a big problem. 24 percent of the surveyed companies responded to these security incidents with an internal solution and their own company staff, only 7 percent hired an external firm to solve the security issue. A police report was filed by 9 percent. None of the companies surveyed had paid a ransom.
Emergency planning is top security topic for 2018
According to the respondents, the most important security issues in 2018 are the emergency planning to fend off cyber attacks, as well as the employee awareness and data protection. “Those responsible have understood the extreme importance of the taking precautions, and have thus begun with the implementation of emergency plans,” says Dehning.
However, 63 percent of those surveyed stated that they were training their own employees, including raising awareness for cyber attacks. The majority of the respondents even train employees on a regular basis. However, only 32 percent have an emergency plan or a defined internal security protocol in case of a security incident. Thus, 49 percent do not have an emergency plan, while 27 percent are at least planning one.
The Internet Security Days (ISDs) 2018 will also focus on new security strategies for the current cyber threat situation. More than 600 visitors are expected to attend the exhibition (20-21.09.2018) in Phantasialand, near Cologne.
As part of the eco IT Security Study 2018, the eco Association interviewed 955 IT security experts on the current security situation. About half of the respondents surveyed have budget and/or HR responsibility. The eco IT Security Study 2018 is available to journalists on request.