Working from home and via cloud infrastructures are sources of the greatest cybersecurity risks for companies. Therefore, more than 80 percent of German companies expect a cyber attack this year.
Trend Micro, one of the world's leading providers of cyber security solutions, publishes the results of its latest global Cyber Risk Index (CRI) for the second half of 2021. This indicates an increased cyber risk for companies worldwide - as well as for Germany and Europe. In addition, 84 percent of respondents from German companies (76 percent worldwide) assume that they will be affected by a successful cyber attack in the next twelve months. In Germany, 22 percent even considered this to be “very likely” (worldwide 25 percent).
Cyber Risk Index (CRI) for Q2/2021
The biannual CRI uses targeted questions to measure the discrepancy between the current security level of companies and the probability of an attack. From the information obtained, an index score is calculated on a numeric scale from -10 to 10, with -10 representing the highest level of risk. For the second half of 2021, the index shows a value of -0,08 for Germany, -0,15 in Europe and -0,04 worldwide - this corresponds to an increased cyber risk in each case. 87 percent of the German respondents (84 percent worldwide) stated that they had been affected by one or more successful cyber attacks in the last twelve months. Almost a fifth of German companies (19 percent, 35 percent worldwide) even recorded seven or more separate attacks.
Ransomware and targeted attacks feared
The threats of greatest concern to decision makers worldwide are ransomware, phishing/social engineering and denial of service (DoS) attacks. German companies also fear particularly targeted attacks (APTs / Advanced Persistent Threats). The most severely estimated negative consequences of a security breach are damaged systems, costs for external experts and the loss of customers.
When it comes to their IT infrastructure, organizations around the world are most concerned about mobile and remote workers, cloud computing, and third-party applications that pose a risk of supply chain attacks, among others. European companies also classify possible organizational errors and increasing complexity as a high risk. This underlines that many companies still see a challenge in effectively securing their digital infrastructures, which have been expanded during the corona pandemic, and the attack surface that has grown accordingly.
"Every day, organizations face sophisticated security challenges, from software vulnerabilities to data breaches to ransomware attacks and more," said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute, which compiles the CRI on behalf of Trend Micro. “The study, which is carried out every six months, is an important basis for evaluating the rapidly evolving cyber risk landscape. It helps organizations improve their security practices and can serve as a guide for strategic planning.”
More powers and consistent enforcement of rules needed
The results of the survey also indicate a high level of risk in the area of agile application development (DevOps). In addition, those surveyed often complain that those responsible for IT security in companies do not have sufficient powers and resources to establish an acceptable level of security. Violations of security policies, standard operating procedures and compliance requirements are often not adequately punished. This is a clear indication that more resources should be dedicated to people, processes and technology worldwide to increase security and reduce the overall risk of cyberattacks.
“In order to develop an effective cybersecurity strategy, companies must master the art of risk management. This is where the CRI can be of great help to identify potential problem areas,” explains Richard Werner, Business Consultant at Trend Micro. "As environments become more complex as work-from-home and digital infrastructures expand, organizations should adopt a platform-based approach to optimize security while minimizing overhead."
More at TrendMicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.