Most mistakes happen when people lull themselves into safety. Cyber security in particular proves that perceived security and weakening security measures are an invitation to attacks. A recent survey by Deloitte confirms that digitization is not a safe business. Half of the companies surveyed for the Deloitte Cyber Security Report 2018 stated that they are confronted with attacks daily or several times a week. At the same time, the perceived frequency of hacker attacks on companies is countered by a decreasing risk awareness among top managers.
Cyber attacks – no problem?
"Cyber attacks can't do much damage to our business." – This was the view of 60 percent of respondents at the top management level in the survey. In 2017, 54 percent were still of this opinion, and 46 percent a year earlier. This reduced awareness of cyber-security implies that security options are not being fully exploited.
The two-part report, in which Deloitte and IfD Allensbach participated, reveals an increased number of attacks. 93 percent of the respondents stated that they had been the victim of a hacker attack at least once. For 21 percent it was weekly attacks and for 25 percent even daily attacks. A good half stated that they had never or only rarely been attacked. One third said that the attacks went unnoticed.
Great need for action
Deloitte's Peter Wirnsperger points to a great need for action. "In addition to an optimized risk culture and strategic integration of IT security, this also includes cooperation with all players in the supply chain," explains the Head of Cyber Risk at Deloitte. Katrin Rohmann, Head of Government & Public Services at Deloitte, adds: "The use of information exchange platforms can also produce good results for the individual players. In essence, it is all about strengthening resilience, because there is no such thing as perfect all-round protection for cyber attackers. Because enterprises remain therefore only to increase their adaptability and resistibility.
Developing awareness of the problem
The potential of the diverse digital business models can only unfold if the senses for all security issues are sharpened. The issue of cyber security must be taken into account at every step. This starts with access to the website and does not end with big data, cloud or mobile apps. The customer expects the highest level of security.
According to the report, 67 percent of business executives see the greatest danger in know-how theft. If cyber security is related to their own company, 43 percent of those surveyed consider the costs of repairing the damage to be the most important aspect. 25 percent consider image damage to be the greatest risk.
Help from the state?
The survey revealed that almost all companies have their IT networks permanently in view. Expenditure on IT security ranges from a fifth to a tenth of the total expenditure on IT networks. Security measures include regular checks of employee access rights (87 percent of companies) and an analysis of vulnerabilities (81 percent of companies). But only 61 percent regularly check whether the most important assets are adequately protected. The simulation of cyber attacks in the form of simulation games is considered necessary by only 14 percent of respondents. The majority (75 percent) of managers rely on external experts for cyber security. Trust in government protection is not very pronounced. Self-help comes first. On the other hand, 54 percent demand that the state take effective measures.