Cyberattacks can start with a single email: just one click on a malware-coated link can attack entire departments or even paralyze entire corporations. And the risk continues to rise: never before have German executives assessed the risk of digital attacks on their own company as high as they do now. More than two out of three managers (68 percent) rate the danger of being a victim of a Cyber attacks to be classified as “rather high” to “very high”.
Compared to the survey in 2021, the proportion of companies that describe a risk as “rather high” or “very high” has increased by five percentage points. Companies in the technology, media and telecommunications sectors (77 percent), the pharmaceutical and healthcare industries and automobile manufacturers (both 75 percent) are particularly wary.
This is the result of a recent survey by the consulting and auditing company EY, for which more than 500 managers from German companies were interviewed.
Three-digit billions in damage per year
When asked whether the risk of becoming a victim of a cyber attack has increased in the past two years, almost three quarters of those surveyed (72 percent) answered “Yes”. According to those surveyed, the problem will not get any smaller. Quite the contrary: All managers surveyed assume that the number of cyber attacks and the importance of data theft will increase
In addition to attacks by organized crime, executives fear attacks from Russia and China in particular.
EY partner Bodo Meseke spoke of a “continuous digital arms race with criminals, hacktivists and even foreign secret services.” Since the first survey in 2011, the risk of cyber attacks has increased continuously – and with it the costs.
“In this country alone we are talking about one hundreds of billions in damage from cybercrime – every year. Consequential costs, such as the loss of image after a successful attack, are not even included,” explained Meseke.
37 percent of the companies gave concrete indications of cyber attacks or data theft. In the survey two years earlier, however, it was still 44 percent.
According to the study, almost half of the companies surveyed with sales of between 25 and 50 million euros have been the victim of a cyber attack at least once in the past two years. For larger companies, the rate is around 40 percent.
According to almost three quarters (72 percent) of the 500 respondents, the risk of becoming a victim of a cyber attack has increased over the past two years. Above all, attacks by organized crime are feared. Almost three quarters of managers (73 percent) see this as a high risk, followed by threats from so-called hacktivists such as the hacker collective “Anonymous”.
The military and armaments industry are also affected: exercise against hacker attack at NATO in Estonia
Foreign secret services (36 percent) pose a greater risk from the point of view of executives than they did two years ago (30 percent). The companies are therefore most likely to expect this Attacks from Russia or China. The answers are likely to be influenced by the current geopolitical situation. In recent years, however, cyber attacks that have been tolerated by the state or supported by countries have increased significantly, explained Meseke.
Despite the growing concerns, one in three respondents (33 percent) said that their own company was not sufficiently protected against digital attacks.
“There can be no absolute security in any area of a company, not even digitally. Nevertheless, your own business secrets and the know-how you have developed must be protected as best as possible from unauthorized access,” emphasizes study author Thomas Koch, who is responsible for digital forensics at EY. “The fact that almost all companies, regardless of the industry, are now aware of the danger of cyber attacks is a very good sign. Nevertheless, a third of all companies say that they are not sufficiently protected against phishing emails, malware and other possible attacks quite worrying about that.”
His co-author Bodo Meseke emphasizes that contingency plans that are as precise as possible and practiced regularly can help to limit the damage in an emergency. “Primarily, however, the speed of reaction remains the most important factor in successfully defending against cyber attacks.”
Almost every second company is insured against digital risks
The threat situation has led to the fact that 46 percent of companies say they have taken out insurance against digital risks. 35 percent of companies do not yet have such insurance coverage, while 19 percent of executives did not provide any information.
The proportion of companies with insurance protection is particularly high in the healthcare sector, in the construction, real estate and hospitality sectors and in the financial sector. Here it is over 50 percent.
tko/hb (dpa, rtr, EY)