“37.0 percent of companies in Germany do not regularly train their employees on topics such as spam or phishing. (…) Only every third company (35.5 percent) has a patch management policy. Yet security gaps in applications and operating systems are among the most common attack vectors in companies.

Frightening figures can be found in the Kaspersky study “Incident Response for Prevention – Why Companies in Germany are Poorly Prepared for Cyber Attacks and How to Become More Cyber Resilient Thanks to Incident Response Methods”. Clearly, security awareness in German organisations is not far behind. There is no other explanation for the fact that many companies still offer extensive gateways to cyber criminals. However, adequate protection is no longer a question of large budgets – and is no longer the exclusive preserve of large corporations. Small and medium-sized businesses can also take the necessary precautions and protect themselves. The first step in raising the level of IT and information security is to accept that it is no longer only large organisations that can be targeted by cyber-attacks. Medium-sized and even very small businesses are also attractive targets for cyber criminals, for example to extort ransom money by encrypting data with ransomware Trojans.

Anyone can be the target of a cyber attack

Businesses should therefore be aware that any business can be the target of an attack. How can small and medium-sized companies in particular protect themselves? TEN Information Management offers services for all the topics mentioned in the study to actively manage IT and information security in companies:

  • Awareness campaigns to make employees aware of cyber threats. Simulated phishing campaigns are an integral part of this service offering, allowing employees to experience the dangers of a careless click.
  • Watchdog from TEN IM, a managed SIEM (Security Incident and Event Management) solution that makes it easy to detect missing patches and threats in real time for a fixed monthly price – without any manual effort from the organisation.
  • TEN IM’s penetration testing and vulnerability scanning services help you proactively identify security vulnerabilities in your own IT systems and applications – before real attackers do.

We always provide customised advice and communication at eye level. Interested?

More articles

Numerous details about people, their purchases and other sensitive details could be accessed unprotected on the web for months, as Der Spiegel (German content) prominently reports on its website. A service provider had inadequately secured...
This question is often asked by novices who are dealing with ISO 27001 for the first time. What is an Internal Audit? An internal audit is a self-audit to verify three key points by an...
Video surveillance is a common means of increasing security in companies. It is intended to prevent theft, protect employees and create a safe working environment overall. But what happens when video surveillance itself becomes a...