Although human error is the top cybersecurity concern for four in ten (39 percent) of German SMEs, these companies' IT security training does not cover some of the most common security-related topics.
This means that there is an alarming discrepancy between the real threat situation and the risk awareness of employees - this is the conclusion of a current study by Sharp among more than 500 IT decision-makers and procurement managers from SMEs in various industries throughout Germany. The results are part of a large-scale Europe-wide study* by Sharp. According to the decision-makers surveyed, employees who are inadequately informed about IT security represent the second largest risk factor (39 percent) for their company - ahead of targeted attacks or a lack of protective measures. Only missing software and system updates are even more serious (40 percent).
Inadequate IT security training
Despite these concerns and the importance placed on comprehensive IT security training, the study shows that SMEs do not adequately cover some of the most important topics in their relevant employee training. Threats such as viruses and phishing are largely not discussed in the companies surveyed. The same applies to data loss and attacks that occur due to weak passwords - although up to a third of German SMEs are affected by exactly these issues.
Only about four to five out of ten IT security training courses deal with password security (41 percent), downloading files (42 percent), secure handling of data (48 percent), network security (40 percent) or the basics of and unsubscribe (41 percent). What is also worrying is that, despite an increase in hybrid working models with a correspondingly more complex cyber threat situation, only just under half (44 percent) of German SMEs have adapted their security training accordingly. And only in 37 percent of the companies surveyed does the topic of hybrid working even play a role in training.
“If training on everyday topics such as changing passwords, recognizing phishing emails and downloading files is not ongoing, this can become a real IT security risk. The increase in AI-powered phishing attacks in particular means that more companies are vulnerable to attacks than ever before. “As a result, German SMEs must instruct their employees to be more vigilant and deal appropriately with these new threats, as knowledge gaps can result in significant costs,” comments Kai Scott, Managing Director of Sharp Business Systems Germany.
More at Sharp.de
About Sharp Business Systems
Sharp Business Systems Deutschland GmbH (SBSD), headquartered in Cologne, is part of Sharp Europe and therefore also part of Sharp Corporation, a global technology company that employs more than 46.000 people worldwide and is an expert in innovations in the business-to-business sector and consumer is. Sharp offers a portfolio that ranges from desktop printers to multifunction printers, interactive monitors and displays, and collaboration platforms. The optimally coordinated solutions enable networked collaboration and help organizations make their business processes more efficient.
Matching articles on the topic