One in three managers in Germany does not understand cyber security terms. A survey shows that there is already a problem distinguishing between ransomware and malware. 46 percent see confusing technical jargon as an obstacle.
According to current Kaspersky survey Although the management team in Germany rates cyber threats (47 percent) as just as big a risk for their company as the currently deteriorating economic environment (47 percent), at the same time there is a lack of understanding of basic cybersecurity-related terms. For example, supposedly common terms such as malware or ransomware cause confusion.
Lack of technical understanding of IT security
Whether Sky Deutschland or T-Mobile - while cyber attacks seem to be increasing in Germany, the topic of cyber security is not even a permanent item on the agenda in board meetings for less than half (46 percent) of management. The lack of integration of the topic into the agenda can possibly be attributed, among other things, to the fact that many managers do not fully understand the terminology.
Because for almost half (46 percent) of the C-Level in Germany, the technical jargon and industry terms are currently the biggest hurdle for cyber security - ahead of budget restrictions (44 percent). The following terms are therefore confusing for the management team:
- Malware (40 percent)
- Zero-day exploit (40 percent)
- Phishing (39 percent)
- Ransomware (38 percent)
- APTs (36 percent)
It is therefore less surprising that more technical jargon, such as IoC (Indicator of Compromise, 56 percent), YARA rules (54 percent) or TTPs (Tactics, Techniques, and Procedures - 54 percent) is often not understood.
Study “Do you speak Cybersecurity?”
"Our results indicate that the lack of prioritization of cyber security in senior management could be due to a lack of understanding of terminology on the part of management," explains Christian Funk, head of the Global Research and Analysis Team (GReAT) at the DACH region at Kaspersky. “Cyber security must not fail because of communication. The forwarding of relevant incidents to the executive floor - in an understandable and clear way, without resorting to spongy language or complex technical jargon - is often both challenging and essential for a permanently functioning and above all safe operation".
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/