Lack of incident response plans at German companies


German companies are ill-prepared for attacks. Almost 80 percent have no incident response plans. However, an emergency plan is almost always a prerequisite for taking out mandatory cyber insurance.

The BKA recorded more than 130,000 cybercrime cases in Germany last year. Attacks on companies can sometimes threaten their existence. According to the current Kaspersky study, 30.5 percent of companies in Germany have cyber insurance that covers at least the most serious costs in the event of damage.

Incident response needs improvement

However, incident response, or preparation for cyber attacks, still has room for improvement in companies in Germany, as shown by the current Kaspersky study “Incident Response for Prevention - Why companies in Germany are poorly prepared for cyber attacks and how they can become more cyber resilient thanks to incident response methods”.

However, only 20.5 percent of companies have incident response plans, even though such a plan is mandatory for most cyber insurance policies. An incident response plan is applicable to a variety of incidents and supports employees in incident response. Furthermore, less than a third (29.0 percent) of the companies surveyed in Germany have an incident response playbook that defines the measures to be taken in the event of a specific incident.

Lack of guidelines for dealing with security incidents

If an attack or malware infection occurs, only a quarter of companies in Germany know what to do with the affected devices: just 26.5 percent have a centrally documented storage location for compromised devices. However, this is important for forensics because it is the only way to identify the origin of an attack.

In general, companies in Germany seem to lack guidelines on how to deal with security incidents: only half (53.5 percent) of companies have guidelines on how security incidents are to be documented, and almost as few (53.0 percent) have a defined incident reporting point.

Lack of preventative security measures

To prevent cybersecurity incidents, too few companies have implemented appropriate measures:

  • Less than half (47.5 percent) use network segmentation to isolate devices from one another.
  • Just over half (54.0 percent) use multi-factor authentication to secure access.
  • Only a third (34.5 percent) carry out preventive audits.

The majority (85.5 percent) also forgo simulation or emulation of adversaries and threats (via tabletop exercises (TTX) or adversary emulations). However, without testing critical processes, it cannot be ensured that they will work and provide support in an emergency.

Two thirds of companies do not have patch management

A similar picture emerges when it comes to patch management: only one in three companies (35.5 percent) has a corresponding policy for this. Security gaps in applications and operating systems are among the most common attack vectors in companies [3]. For Kai Schuricht, Lead Incident Response Specialist at Kaspersky, this is due to the complexity of patching:

“On the one hand, security gaps can be plugged relatively easily, but on the other hand, the process is usually a little more complicated than you think. When companies decide to update their systems, it takes time. Because these must first be tested, approved and then distributed. This takes time and of course increases the time window in which the systems are vulnerable. The time window for successful attacks also increases. An appropriately well thought-out and therefore efficient patch management can provide support here and take into account the different requirements of, for example, IT security and production at the same time.”

About Kaspersky

Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250,000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/


 
