Companies do not pay enough attention to improving the skills and understanding of IT security among their workforce, as shown by the new representative study “Cybersecurity in Numbers” by G DATA CyberDefense, brand eins and Statista.
With the right behavior, employees can prevent cyberattacks – that’s the theory. However, practice looks different, as the current employee survey “Cybersecurity in Numbers” by G DATA CyberDefense, brand eins and Statista shows. Only three out of five respondents check emails for phishing and only two thirds lock their computers when they leave work. Employees assume that their employer uses technical measures to ensure sufficient IT security. They do not see themselves as responsible for contributing to cyber defense through prudent behavior. That is fatal. Cybercriminals use social engineering to target employees directly and try to gain access to the network.
Any employee can be the target of a phishing attack
“Anyone who does not educate and train their employees about current cyber threats is making a big mistake,” says Andreas Lüning, co-founder and board member of G DATA CyberDefense AG. “Leaders in companies must act responsibly and involve all employees in IT security. Clerks in accounting or human resources are also an attractive target for phishing attacks.”
One way to strengthen the staff's sense of responsibility is through training courses on IT security. This also happens in more than half of German companies. However, it is surprising that almost 46 percent of companies do not offer training for all employees and think that technical solutions are sufficient. A third of those surveyed also stated that only IT employees receive training. In addition, a third decide against security awareness training due to high costs. This argument can be quickly refuted: the crucial question is how long a company will be economically viable in the event of damage.
The most important results at a glance:
- The total damage caused by cybercrime in Germany has almost quadrupled within seven years.
- Although the number of skilled workers in the field of cybersecurity in Germany increased by around 2019 percent between 2022 and 250, the number of missing skilled workers has increased by almost 2020 percent since 70.
- The number of known vulnerabilities reached a new high last year with more than 33.000 security holes registered.
Cyber security in numbers
“Cybersecurity in Numbers” is characterized by a high level of information density and particular methodological depth: Statista’s researchers and market researchers have brought together numbers, data and facts from more than 300 statistics into a unique complete work. More than 5.000 employees in Germany were surveyed as part of a representative online study on cybersecurity in professional and private contexts. Statista's experts closely monitored the survey and, thanks to a sample size that is well above the industry standard, are able to present reliable and valid market research results.
More at GData.de
About G Data With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.