“37.0 percent of companies in Germany do not regularly train their employees on topics such as spam or phishing. (…) Only every third company (35.5 percent) has a patch management policy. Yet security gaps in applications and operating systems are among the most common attack vectors in companies.

Frightening figures can be found in the Kaspersky study “Incident Response for Prevention – Why Companies in Germany are Poorly Prepared for Cyber Attacks and How to Become More Cyber Resilient Thanks to Incident Response Methods”. Clearly, security awareness in German organisations is not far behind. There is no other explanation for the fact that many companies still offer extensive gateways to cyber criminals. However, adequate protection is no longer a question of large budgets – and is no longer the exclusive preserve of large corporations. Small and medium-sized businesses can also take the necessary precautions and protect themselves. The first step in raising the level of IT and information security is to accept that it is no longer only large organisations that can be targeted by cyber-attacks. Medium-sized and even very small businesses are also attractive targets for cyber criminals, for example to extort ransom money by encrypting data with ransomware Trojans.

Anyone can be the target of a cyber attack

Businesses should therefore be aware that any business can be the target of an attack. How can small and medium-sized companies in particular protect themselves? TEN Information Management offers services for all the topics mentioned in the study to actively manage IT and information security in companies:

  • Awareness campaigns to make employees aware of cyber threats. Simulated phishing campaigns are an integral part of this service offering, allowing employees to experience the dangers of a careless click.
  • Watchdog from TEN IM, a managed SIEM (Security Incident and Event Management) solution that makes it easy to detect missing patches and threats in real time for a fixed monthly price – without any manual effort from the organisation.
  • TEN IM’s penetration testing and vulnerability scanning services help you proactively identify security vulnerabilities in your own IT systems and applications – before real attackers do.

We always provide customised advice and communication at eye level. Interested?

More articles

Cybersecurity experts from around the world gathered in Nashville, Tennessee from 25-27 October for this year’s ISC2 Secure Congress. It became clear that the information and IT security community cannot ignore the topic of Artificial...
Many organisations trust that their own systems and applications “will be secure somehow”. Especially when third parties such as IT service providers or cloud services are used, the trust in IT security is great. Our...
Conversion to the latest version of the standard Companies that are certified according to the international standard ISO 27001 will have to think about converting their ISMS to the latest version of the standard in...