“37.0 percent of companies in Germany do not regularly train their employees on topics such as spam or phishing. (…) Only every third company (35.5 percent) has a patch management policy. Yet security gaps in applications and operating systems are among the most common attack vectors in companies.
Frightening figures can be found in the Kaspersky study “Incident Response for Prevention – Why Companies in Germany are Poorly Prepared for Cyber Attacks and How to Become More Cyber Resilient Thanks to Incident Response Methods”. Clearly, security awareness in German organisations is not far behind. There is no other explanation for the fact that many companies still offer extensive gateways to cyber criminals. However, adequate protection is no longer a question of large budgets – and is no longer the exclusive preserve of large corporations. Small and medium-sized businesses can also take the necessary precautions and protect themselves. The first step in raising the level of IT and information security is to accept that it is no longer only large organisations that can be targeted by cyber-attacks. Medium-sized and even very small businesses are also attractive targets for cyber criminals, for example to extort ransom money by encrypting data with ransomware Trojans.
Businesses should therefore be aware that any business can be the target of an attack. How can small and medium-sized companies in particular protect themselves? TEN Information Management offers services for all the topics mentioned in the study to actively manage IT and information security in companies:
We always provide customised advice and communication at eye level. Interested?