eco IT Security Survey 2023: IT experts see an intensification of the cyber threat situation due to the war in Ukraine.
The threat situation is growing, say 93 percent of the IT experts surveyed. One factor: the Ukraine war. 84 percent of IT security experts say the war of aggression against Ukraine has exacerbated the threat situation. These are the results of the current eco IT Security Survey 2023, for which eco surveyed around 100 experts from the IT security industry”.
The change of era advocated by Chancellor Olaf Scholz must also affect the global IT security structure,” says eco board member Professor Norbert Pohlmann. “Organized cybercrime, but also state actors, are increasingly using cyberspace specifically to attack companies, as well as public infrastructures. Therefore, it has never been more important to look at cybersecurity also from a geopolitical perspective and prepare for different attack scenarios.”
According to the survey, the experts agree that the German economy is still inadequately positioned overall in terms of IT security. The experts’ assessment has even worsened over the years. In 2021, 66 percent of the experts rated the industry’s efforts as “inadequate,” while 77 percent came to this gloomy conclusion.
SMEs in the focus of cybercriminals
By contrast, the respondents are rather optimistic about the IT security in their own companies: 53 percent say that their own company is very well or well secured, and 28 percent feel that it is adequately secured. Around 13 percent of companies had at least one serious security incident last year. Compared to the previous two years, this is at least a slightly lower figure.
“The discrepancy in the assessment of one’s own security situation and the actual security situation in Germany in general shows how difficult it is even for experts to correctly assess the threat,” says Oliver Dehning, head of the Security Competence Group at eco: “Many SMEs in particular are – without being aware of it – the focus of internationally operating cybercrime networks.”
Practical assistance against ransomware
In the vast majority of companies, those responsible for IT security take measures to prepare for a worst-case scenario and to raise their employees’ awareness. For example, 70 percent of respondents state that they conduct regular employee training, and only 3 percent do not take this measure at all. In addition to continuous employee training to increase awareness in the areas of security and phishing, emergency planning is currently one of the top security topics for the companies surveyed. More than 70 percent have defined internal processes for warding off a cyber attack and already have defined emergency plans.
To minimize the risk of a successful ransomware attack from the outset, the companies Sophos, Microsoft and Rhode & Schwarz provide practical assistance with the Ransomware Initiative under the umbrella of eco.
The initiative recommends the following technical and organizational precautions:
- Create cybersecurity awareness among your employees. Phishing, whether by mail or phone, is one of the most successful tools used by cybercriminals.
- Use strong passwords and where possible, strong multi-factor authentication.
- Allow external connections to internal systems only from designated IP addresses or via VPN.
- Be sparing with the assignment of user rights. Administrator rights in particular should be reserved exclusively for expert IT personnel.
- Allow apps to be installed only from trusted sources.
- Unusual network activity is a clear alarm signal; respond to warnings from your monitoring software.
- Disable scripting environments and macros from external sources. The majority of malware is introduced via Office files.
- Install timely updates for the software and operating systems you use.
- Review your business continuity management (BCM) and IT contingency plans and prepare to be temporarily without external service providers in the event of a large-scale cyber attack.
- Review and test your backup strategy. Backups of all business-critical systems should exist and their restoration should be tested.