BSI: Home office increases attack surface

B2B Cyber ​​Security ShortNews

Share post

BSI business survey: The home office situation in pandemic times increases the attack surface for cyber criminals and thus has an impact on the information security of commercial enterprises in Germany.

That is the result of a representative survey of 1.000 companies and operations that the Federal Office for Information Security (BSI) presented today at a digital press conference in Bonn. Further results at a glance:

  • Corona has more than doubled the number of home office workplaces. 58% of the companies surveyed want to maintain or expand the offer even after the pandemic.
  • Companies that want to establish home offices prefer digitization projects.
  • 2/3 of the large companies perceive the pandemic as a digitization turbo.
  • Private IT attack surface: Only 42% of companies only use their own IT.
  • Over 50% of companies invest less than 10% of IT spending in cyber security. The BSI recommends investing up to 20% of the IT budget in security.
  • The smaller the company, the more serious the consequences. For micro and small businesses with fewer than 50 employees, one in four cyberattacks can have existential consequences.
  • Although inexpensive, simple security measures such as mobile device management, emergency exercises or the principle “IT security is a matter for the boss” are not sufficiently implemented.

Home office is here to stay. However, IT security has not yet reached the budgets, processes and minds of companies enough. The digitization turbo Corona is driving IT projects in companies. Our survey confirms that. As the federal cyber security authority, we urge that digitization and IT security be conceived and implemented as one unit. Anyone who sets the course for solid information security in their infrastructure now will secure their future - in difficult pandemic times and beyond, says Arne Schönbohm, President of the BSI.

Germany: 12 million in the home office

In the pandemic, twelve million workers switched to home offices in Germany alone. This is not a snapshot, but determines the new normal in the long term. When many people switched to the home office spontaneously, IT security too often did not play a role. Mobile work requires the right balance between user-friendly access to company data and IT protection. Robust and risk-based IT security management, employee training and well thought-out emergency concepts are required. Security is not a one-off project, security is a continuous process, says Achim Berg, President of Bitkom eV

For the study as a PDF at BSI.bund.de

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more