In the German economy alone, hacker attacks cause more than EUR 200 billion in damages each year. However, a large share of these damages could be avoided by implementing appropriate security measures. This was the conclusion in the Cyber Security Report presented by Schwarz Digital for the first time.
In February 2023, the study evaluated a total of 213 organizations from the business and public sector in Germany to determine how vulnerability they were to external cyberattacks. This included companies listed in DAX, MDAX, SDAX, 8 retail companies, 35 airports, and the 10 biggest cities in Germany based on population size. The key findings: All of the organizations included in the study are in urgent need of improving the security for their web-based applications and systems. For example, their current encryption methods are frequently outdated and can easily be broken. In addition, their IT security measures do not take into account the fact that the security requirements are constantly changing as a result of New Work and employees working remotely from around the world.
The report reveals that organizations have an average of around 11,000 security holes, such as misconfigurations and incorrectly managed user accounts, which hackers can exploit. In 82 percent of the cases, hackers need less than three steps to break into an organization’s sensitive systems and data. Furthermore, a cloud is vulnerable from within: 71 percent of the identified weak points allow hackers to access the most important systems in a company’s networks or to tap into important data from the cloud.
“Cybersecurity requires a forward-thinking, long-term strategy as the attacks are becoming more and more sophisticated and targeted. Many top decision-makers highly underestimate the risk of cyberattacks,” says Rolf Schumann, CEO of Schwarz Digital. “But this attitude is not just dangerous for their own company: Any type of company today is closely connected to other companies. Hackers can use weak points at one company to obtain access to a supplier, for example. Therefore, our Cyber Security Report is intended to promote awareness of security issues across the board. The report gives an overview of the current threat level and provides clear recommendations for a secure digital company.
The full document with an overview of the current threat level posed by cybercrime and with concrete recommendations for more security in the digital world is available to download free of charge here after registering.