The current "Germany safe online" DsiN practice report under the auspices of the Federal Ministry of Economics shows more frequent damage caused by IT attacks in medium-sized companies. Smaller companies in particular do not adequately protect themselves against IT risks.
Corona is increasing digitization, necessary protective measures are lagging behind. The proportion of far-reaching IT attacks on medium-sized companies has increased noticeably during the corona pandemic. According to the practice report 2022 by Germany safe online (DsiN), more than three-quarters of all attacks led to noticeable effects (76 percent), with every eighth company they were given as significant, with four percent even as a threat to their existence.
At the same time, awareness of the digital vulnerability of one's own company during the pandemic has stabilized at a high level (86 percent). Almost every third company (32 percent) rates insufficient IT security as a fundamental risk: this endangers their own competitiveness (21 percent) or the company's existence (11 percent).
Companies: Every second person does not take protective measures for emails
“We are seeing increasing awareness of cyber security, but many small and medium-sized businesses are not yet adequately protected against cyber risks. Hacker attacks are often not sufficiently recognized, too many weak points remain unknown,” explained Michael Kellner, Parliamentary State Secretary at the Federal Minister for Economic Affairs and Climate Protection, on the occasion of the publication of the study results.
The deficits in standard cyber protection measures are particularly striking. 64 percent of the companies have no measures for attack detection, more than a third do without IT emergency plans (34 percent), 43 percent are careless in dealing with software and security updates. Half of the companies refrain from protective measures in e-mail communication.
A quarter of all companies forgo any promotion of digital IT security knowledge among employees. The proportion of medium-sized companies that rely on external experts for IT security has risen noticeably to 27 percent (+ 7 percentage points). Especially in smaller companies, employees are left to their own devices when it comes to security issues.
Cloud usage exceeds 50 percent mark
The stagnating protective measures in SMEs are opposed to a greater spread of IT in the corona pandemic. The use of clouds in SMEs has exceeded the 50 percent mark for the first time and is now at 53 percent (+6 percentage points). “Digital solutions have increasingly found their way into the everyday life of smaller companies. Almost all areas of value creation are affected - from ordering, service and production to delivery logistics and customer communication," explains Susanne Diehm from the DsiN board and member of the SAP management team for Central and Eastern Europe.
Additional protective measures for medium-sized users are still an exception, even with clouds and Internet platforms. Around 43 percent of cloud users rely on the provider's existing protective measures. The increased relevance of home office access to the cloud from home does not lead to any additional precautions. Only every second company provides regulations for the private working environment (52 percent). Around 22 percent define behavioral guidelines for the use of private and business IT, 30 percent envisage a strict separation of business and private IT. 48 percent have no special requirements for home office.
Expand digital assistance and competence networks
In view of the existing deficits in IT security precautions in SMEs, Diehm emphasizes additional measures of DsiN's educational work: "In response to the current need for action, DsiN will continue to expand its offer within the framework of the Transfer Office for IT Security in SMEs (TISiM) and with funding from the Federal Ministry of Economics From summer 2022, we will provide additional offers specifically for training companies," says Diehm. In addition, as part of TISiM, an educational focus is placed on safe "home office".
To the study at Sicher-im-Netz.de