Cybercrime remains a real threat in Germany: more than one in three companies (35 per cent) in this country has been the victim of a cyber attack in the past two years.
The attacks have placed a greater financial burden “on a large number of companies than in previous years: For 57 per cent, the total amount of damage has increased.”
These are the findings of the KPMG study ‘e-Crime in the German Economy 2024’.
The majority of companies have “realized that e-crime is a real threat.”
For example, 67 per cent of respondents “rate the risk of becoming a victim of cybercrime as high or very high. In 2022, this figure was 61 per cent and 51 per cent in 2019.”
In addition, 65 per cent of companies “expect the risk to increase over the next two years.”
Cybercrime remains an omnipresent “threat to German companies.”
The number of attacks “remains high – and the costs incurred are rising at the same time. This shows that attacks are becoming more and more pervasive.”
It is not enough to be aware of the danger. Above all, decision-makers “should now take measures to protect themselves.”
According to the study, affected companies “are most frequently victims of phishing (53 per cent), attacks on cloud services (42 per cent) and data leaks (37 per cent).”
Computer criminals most frequently “direct their attacks against mail servers (39 per cent) and web servers (36 per cent).”
They also use companies’ service providers “as a gateway for their criminal activities.”
More than half (54 per cent) of the affected companies “experienced attacks on their own data via the technical infrastructure of service providers.”
Computer criminals often do “not take a targeted approach, but steal all data to which they can gain access.”
The most sought-after prey “is customer data (47 per cent), followed by the company’s bank and financial data (42 per cent) and personnel data (37 per cent).”
Employees remain a significant risk factor
66 per cent of companies “see a lack of security awareness among their employees as a major risk for e-crime. 74 per cent therefore rely on training to sensitise their staff.”
Michael Sauermann, Head of Forensic Technology Germany & EMA at KPMG said:
“People remain a major risk when it comes to cybercrime. A lack of understanding of security in particular often makes it easy for criminals. Companies should invest in the human firewall, i.e. sensitising their employees.”
Cyber insurance on the rise
To protect themselves against the financial consequences of e-crime, companies are increasingly “turning to cyber insurance.”
40 per cent of the companies surveyed “have already taken out such insurance and a further 42 per cent are considering taking it out.”
About the study
For the study, 750 employees from companies “selected on a representative basis according to sector and turnover were asked about their experiences in the field of cybercrime.”