- eco Association publishes IT Security Study 2019
- 90 percent of companies perceive the threat situation as growing and are preparing themselves with emergency plans
The IT security threat situation is continuing to grow. This is the view of 90 percent of security experts surveyed in Germany for the IT Security Study 2019, published today by eco – Association of the Internet Industry. Companies are reacting to this by developing emergency plans. 57 percent of the IT security experts questioned have defined internal processes or developed an emergency plan in case of a cyber crime incident, according to the study. A further 27 percent are currently in the process of developing such an emergency plan. A considerable increase: In 2018, only 32 percent of companies had an emergency plan.
“The staff responsible for IT security in small and medium-sized companies are becoming more and more aware of the great danger posed by cyber criminals, and are searching for new ways to prepare themselves for a potential attack,” says Oliver Dehning, Leader of the Competence Group Security in the eco Association. The growing awareness of the dangers is leading to companies being increasingly prepared to invest in the training of their staff. 41 percent train and sensitize their own staff regularly regarding cyber dangers, and 38 percent do this at least occasionally. Only 14 percent do not take measures to train and sensitize their staff.
Every fifth company assesses itself as not sufficiently protected
Emergency planning is currently one of the top security topics for the companies surveyed. 80 percent assess this topic as important or very important. Only staff sensitization (important for 81 percent), encryption of data (important for 82 percent), and data protection (important for 89 percent) were rated as more important.
Despite increasing efforts regarding these security topics, only 46 percent of those surveyed assess the protection of their own company as very good (11 percent) or good (35 percent). A further 35 percent believe their protection is merely sufficient, and 19 percent assess it as insufficient. In fact, last year there was at least one serious security incident in every fourth company among the companies involved in the study. Ransomware, DDoS attacks, and CEO Fraud lead the list of attacks, ahead of website hacking and data theft.
For the eco Survey IT Security 2019, the eco Association surveyed 242 IT security experts on the current security situation. Around half of those surveyed are responsible for budget or personnel.
