According to a study in management levels in DA-CH, the availability of specialists is the greatest challenge - in Austria this even applies to external expertise. In Germany, Austria and Switzerland, the problems differ significantly, according to Sophos.
Cyber security in companies has become even more important in the recent past due to various factors. These include technological developments or the growing complexity of IT infrastructures. But those factors that are characterized by agile and mobile working, home office availability, the professionalization of cybercrime and an increased international threat situation are also having an increasing impact.
The results of a current management study by Sophos show that (as is currently the case in almost all professional fields and especially IT), the special area of IT security naturally also suffers from a severe shortage of skilled workers. But the company decision-makers surveyed also see challenges in other areas in the DACH region.
The staff is the most stuck
When asked what challenges they see in ensuring cyber security in their company, the management levels surveyed in all three countries most frequently indicated the availability of personnel. In Austrian companies, the difficulties in finding qualified personnel are mentioned most often with a frequency of 69,8 percent, in Germany with 62,7 percent and in Switzerland the value is lowest with 58,8 percent.
Around a third of all companies also get additional external consulting services in the form of MDR services, for example, to professionalize their cyber security. In Austria in particular, there seem to be challenges here as well. While only 11,8 percent of Swiss and 13,9 percent of German company managements state that they see difficulties in the availability of external consulting services, this is still the case for a third (30,2 percent) of those surveyed in Austria.
Bosses fear impediments to processes due to IT security
The IT security solutions could slow down systems and processes - this prejudice persists in the management floors. 45,1 percent of the Swiss and 40,3 percent of the German respondents stated that, from their point of view, the impairment of work processes is one of the challenges in ensuring and implementing cyber security. In Austria, only 28,3 percent name this.
Doubts whether cyber security can keep up with mobile and agile working
Bosses see two aspects of the modern working world as challenges for the implementation of IT security. In Austria, when it comes to ensuring cyber security, 45,3 percent of those surveyed expect difficulties in coordinating this task with the modalities of home office solutions. In Germany, 39,8 percent cast a critical eye on this, in Switzerland the figure is 35,5 percent.
Agile methods are indispensable in modern day-to-day work. Are the available security solutions flexible enough to keep up with agile business? After all, 42,8 percent of the German, 41,5 percent of the Austrian and 39,2 percent of the Swiss respondents expressed doubts here.
Old prejudices against IT security
"The figures for work processes and flexibility for agile workflows make it clear that an outdated and traditional image of IT security, which is based on rigid structures, often still prevails in executive floors," says Michael Veit, cyber security expert at Sophos. “However, modern cybersecurity solutions offer exactly the opposite and are characterized by their modular and flexible handling both in architecture and in everyday use. Technologies such as zero trust, managed security services or even adaptive cybersecurity ecosystems now enable flexible working in which the user is no longer aware of the IT security processes in the background.”
Investments at a constant level
When asked whether investments have changed in the last two years, a majority of respondents in Germany (57,2 percent) and Austria (52,8 percent) and 45,1 percent in Switzerland state that investments are on a have remained at an undiminished high level. 47,1 percent and thus most Swiss company managements stated that they had increased investments in the last 24 months. In Germany (34,8 percent) and Austria (32,1 percent), a good third invested more in IT security. 13,2 percent in Austria, 7,8 percent in Switzerland and 7,5 percent of the managers surveyed in Germany could not provide any information on this.
It was rather difficult for the management levels to quantify the exact proportion of expenditure for IT security, not least because of the complexity within all cost factors for IT. This applies in particular to Switzerland. Almost half (49 percent) of those surveyed stated that this was impossible to quantify. 36,3 percent of respondents from German companies could not name the share of IT security in IT expenditure, in Austria the figure was 30,2 percent.
Switzerland invests more than Germany and A
Otherwise, investments in cyber security in DACH are distributed as follows: In Germany, 20,9 percent of companies spend 5 to 9 percent of their money on IT security, 14,4 percent invest 10 to 19 percent. In Austria, 28,3 percent spend at least 10 to 19 percent on IT security and in 13,2 percent of the companies surveyed the proportion is even 20 to 29 percent. The following picture emerges in Switzerland: Here, 19,6 percent of companies spend 5 to 9 percent on cyber security and 13,7 percent even invest 20 to 29 percent of their budget in this important area.
background of the survey
On behalf of Sophos, Ipsos surveyed 201 C-level managers from trade, services and manufacturing in Germany and 50 each in Austria and Switzerland on the subject of IT security in their companies.
More at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.
Matching articles on the topic