The Federal Office for Information Security (BSI) is once again warning of a critical, but not hopeless, cybersecurity situation in Germany: a massive increase in new malware, increasing threats from ransomware and data leaks, but also increased resilience through international cooperation and improved security measures. characterize the image of the 2024 management report.
Ransomware attacks in particular remain the biggest threat to German companies. In addition to large companies, small and medium-sized companies are increasingly being targeted. The costs for companies are increasing dramatically: in the third quarter of 2023, the average ransom amount paid after ransomware attacks was $850,000. Another worrying trend is the increase in malware, with an average of 309,000 new variants registered every day – an increase of 26 percent compared to the same period last year. Despite these developments, improved international cooperation is beginning to have positive effects, such as the successful takedowns of several international ransomware groups. The IT security standards and crisis prevention for operators of critical infrastructures (KRITIS) were also able to be further developed.
The cybersecurity situation remains difficult for the 3.1 million medium-sized companies in Germany. Smaller companies in particular, which often do not have their own IT staff and whose IT security tasks are limited by time or cost reasons, are often unable to implement basic protective measures. Many medium-sized companies also lack awareness of current threats and their own security risk.
The cyber risk check as a new standard for German medium-sized businesses
In order to provide a targeted remedy here, Der Mittelstand. BVMW developed the CyberRisk Check in collaboration with the BSI – a standard that is specifically tailored to the needs of small and micro-enterprises and from the project funded by the Federal Ministry for Economic Affairs and Climate Protection (BMWK) in the “IT Security in Business” initiative “safe with IT standard” was created. The check is carried out in a structured interview with a certified IT service provider and gives companies concrete recommendations for action to improve their cybersecurity. Participation is financially supported by funding programs at federal and state levels and offers medium-sized companies an important basis for their IT security strategy.
“With the cyber risk check, we have created real added value for medium-sized businesses,” emphasizes Marc Dönges, project manager of the Cybersecurity Transfer Office for medium-sized businesses. “Especially the simple and time-efficient one
Application makes it easier for companies to get started in cybersecurity.” In addition, the Cybersecurity Transfer Office in medium-sized businesses supports small companies with additional offers: The CYBERsicher Check, a free online tool, helps with the initial self-assessment of your own IT security. In In personal CYBER dialogues, companies also receive individual recommendations for action and can thus derive targeted protective measures.
Further information about the cybersecurity transfer office for medium-sized businesses can be found here: www.transferstelle-cybersicherheit.de
About the transfer office for cybersecurity in medium-sized businesses
The aim of the funding project is to increase the cybersecurity level of small and medium-sized companies, craft businesses and start-ups for a secure digital transformation through prevention, detection and reaction. Through information and qualification formats, numerous events nationwide, a detection and response platform for cyber attacks and a broad network of partners, we want to increase the level of cybersecurity in medium-sized businesses and make companies more resilient. The project is carried out by Der Mittelstand, BVMW eV, the FZI Research Center for Computer Science, the Leibniz University of Hannover – Institute for Vocational Education and Adult Education and the tti Technology Transfer and Innovation Promotion Magdeburg GmbH.
The Mittelstand-Digital network offers comprehensive support for digitalization with the Mittelstand-Digital Centers, the IT Security in Business Initiative and Digital Now. Small and medium-sized companies benefit from concrete practical examples and tailor-made, provider-neutral offers for qualification and IT security. The Federal Ministry for Economic Affairs and Climate Protection enables free use and provides financial subsidies. For more information, see www.mittelstand-digital.de.
About the association.
The middle class. BVMW eV is the largest, politically independent and cross-industry interest group for German medium-sized businesses.
Further information at: www.bvmw.de