The new study "Cybersecurity Readiness Index 2023" by Cisco shows that German companies are in the middle when it comes to cybersecurity worldwide, but at the top in Europe. Nevertheless, only 11 percent of companies see themselves as well prepared for cyber attacks.
How well are German companies prepared for IT attacks? Globally, they are only in the middle, but in Europe they are in a good second place behind Great Britain. German companies are particularly strong when it comes to protecting end devices and networks. There is still a lot of catching up to do when it comes to data security. This is shown by the Cisco Cybersecurity Readiness Index 2023.
Cisco Cybersecurity Readiness Index 2023
Cyber security requirements have changed significantly as a result of the COVID-19 pandemic. Instead of a fixed workplace with a static company network, hybrid work and virtual collaboration now use multiple devices at various locations. Companies therefore not only have to reorganize their security structures, but also protect themselves against new and constantly evolving threats. The Cisco Cybersecurity Readiness Index 2023 determined how well companies are able to cope with these new challenges. Based on 6.700 expert surveys, the companies were divided into four levels of maturity: Beginners, Formative, Progressive and Mature.
Germany Compared
Only 15 percent of companies worldwide achieve the highest level of maturity, which provides the best possible protection against modern security risks. In Germany even only 11 percent. This puts German companies only in the middle of the 27 countries surveyed. In Europe, German companies occupy a good second place behind Great Britain.
German companies do best in terms of end device security with tenth place worldwide (Mature & Progressive). The protection of networks is best developed in Germany (11th place), which is partly due to the comparatively frequent use of firewalls with an integrated intrusion prevention system (IPS) (DE: 78% vs. Global: 69%).
Network protection in Germany best developed
The protection of applications (13th place) and identities (15th place) is already declining, and when it comes to data security, Germany is clearly lagging behind (20th place). The main reason is the lower use of backup & recovery tools. Only 55 percent of German companies stated that they use these tools, compared to an average of 67 percent worldwide. Host IPS & protection tools are also used significantly less in Germany (29 percent vs 41 percent worldwide). This is also reflected in a European comparison: Germany is only sixth out of the eight countries surveyed when it comes to data security, and second or third in all other categories.
Great damage from attacks
Most German companies have already fallen victim to cybercrime. Fifty-five percent of respondents reported an incident in the last 55 months, with half of them (12%) causing at least $49 in damage. By comparison, globally, 300.000 percent noticed an incident that caused at least $60 in damage to 54 percent of those affected. In Germany, 300.000 percent (worldwide: 77%) expect their business operations to be disrupted by cybercrime in the next 82 to 12 months. To prevent this, 24 percent of German companies (worldwide: 81%) plan to increase their budget for cyber security by at least 86 percent in the next 12 months.
Worldwide results with surprises
In a global comparison, it is surprising at first glance that companies in industrialized nations have an overall lower level of cybersecurity maturity than companies in developing or emerging countries. Indonesia, Thailand, Brazil, India and the Philippines make up the top 5. However, it is difficult to compare the individual countries because there are different requirements.
The Cisco Security Readiness Index explains the backwardness of the industrialized countries with the many legacy systems used, which often do not support the latest IT security - for example in old production environments. In contrast, emerging countries were often able to start digitization projects with completely new security solutions without legacy issues. Japan and South Korea bring up the rear. In Europe, France and the Netherlands fare particularly badly.
Also interesting: Medium-sized companies have the highest degree of maturity worldwide (19% mature). While small companies have the lowest level of maturity (10% mature) due to their limited financial resources, large companies are slowed down by their complex IT environments.
Background to the study
The Cisco Cybersecurity Readiness Index 2023 is based on a double-blind survey of 6.700 executives in 27 countries who are responsible for cybersecurity in their companies. The research was conducted between August and September 2022 using online and telephone interviews. 300 experts were interviewed for Germany. The full study is available here. You can find a brief analysis of Germany here – and figures and images here.
More at Cisco.com
About Cisco Cisco is the world's leading technology company that makes the Internet possible. Cisco is opening new possibilities for applications, data security, infrastructure transformation and the empowerment of teams for a global and inclusive future.