IT security: Inadequate employee training

B2B Cyber ​​Security ShortNews

Share post

Companies do not pay enough attention to improving the skills and understanding of IT security among their workforce, as shown by the new representative study “Cybersecurity in Numbers” by G DATA CyberDefense, brand eins and Statista.

With the right behavior, employees can prevent cyberattacks – that’s the theory. However, practice looks different, as the current employee survey “Cybersecurity in Numbers” by G DATA CyberDefense, brand eins and Statista shows. Only three out of five respondents check emails for phishing and only two thirds lock their computers when they leave work. Employees assume that their employer uses technical measures to ensure sufficient IT security. They do not see themselves as responsible for contributing to cyber defense through prudent behavior. That is fatal. Cybercriminals use social engineering to target employees directly and try to gain access to the network.

Any employee can be the target of a phishing attack

“Anyone who does not educate and train their employees about current cyber threats is making a big mistake,” says Andreas Lüning, co-founder and board member of G DATA CyberDefense AG. “Leaders in companies must act responsibly and involve all employees in IT security. Clerks in accounting or human resources are also an attractive target for phishing attacks.”

One way to strengthen the staff's sense of responsibility is through training courses on IT security. This also happens in more than half of German companies. However, it is surprising that almost 46 percent of companies do not offer training for all employees and think that technical solutions are sufficient. A third of those surveyed also stated that only IT employees receive training. In addition, a third decide against security awareness training due to high costs. This argument can be quickly refuted: the crucial question is how long a company will be economically viable in the event of damage.

The most important results at a glance:

  • The total damage caused by cybercrime in Germany has almost quadrupled within seven years.
  • Although the number of skilled workers in the field of cybersecurity in Germany increased by around 2019 percent between 2022 and 250, the number of missing skilled workers has increased by almost 2020 percent since 70.
  • The number of known vulnerabilities reached a new high last year with more than 33.000 security holes registered.

Cyber security in numbers

“Cybersecurity in Numbers” is characterized by a high level of information density and particular methodological depth: Statista’s researchers and market researchers have brought together numbers, data and facts from more than 300 statistics into a unique complete work. More than 5.000 employees in Germany were surveyed as part of a representative online study on cybersecurity in professional and private contexts. Statista's experts closely monitored the survey and, thanks to a sample size that is well above the industry standard, are able to present reliable and valid market research results.

More at


About G Data

With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more