Cyber threat level increased - study proves deceptive sense of security

Cyber attacks on companies have not only been in the headlines with increasing frequency in the recent past. In fact, the threat situation has increased since the corona pandemic due to rapid digitalisation developments. How are companies positioned with regard to securing their networks? What consequences does the increasing cloud transformation have for security? And in which security areas is the most investment currently being made?

Detailed answers are provided by the study "From Cyber Security to Cyber Resilience", which KPMG prepared in cooperation with the market research and consulting firm Lünendonk. The report provides a comprehensive view of the status quo in various industries. 100 IT security managers were interviewed by telephone.

84 percent of the companies observe an increase in the threat situation compared to 2022. The reasons given are increasing process digitisation, more professional hacker organisations and the geopolitical situation. In 2023, the concern about hacker attacks in the form of DDoS attacks (Distributed Denial of Service) has also increased significantly compared to 2022. The current top risks: phishing campaigns and ransomware. For every second company, keeping up with the criminals' methods and technological progress is a major challenge.

Despite increased cyber threats, nine out of ten companies rate their ability to detect and defend against cyber attacks at an early stage as high. This may be due to the fact that many attacks are not even recognised. The feeling of security seems deceptive.

One of the greatest threats to the compromise of IT systems comes from digital identities. However, only every fourth company has a so-called Privileged Access Management (PAM) in place to protect digital identities. Only one in three companies has a central SIEM (Security Incident and Event Management) to carry out security monitoring.

An improvement can be seen in the measurement of the security status. Thus, 41 percent of the companies regularly check their IT systems through external gap analyses (audits). In 2022, significantly fewer companies did this, at 36 percent. The proportion of companies that regularly measure their cyber security status on the basis of KPIs has also risen: from 68 percent (2022) to the current 72 percent.

Nine out of ten companies want to invest in vulnerability management, identity & access management, security monitoring and business continuity in 2023 and 2024. The investment plans in the areas of data centre security, AI-supported cyber defence and cloud security show a significant increase.

The relevance of cloud security is increasing on the agenda overall. Companies pursuing a cloud-first strategy are working more frequently with external service providers. This is because not only high compliance and security requirements cause problems, but also costs and a lack of skilled workers. Resources of the IT department are often not enough - clouds are considered to be "secure premium applications like from the socket". An integrated security operating model is necessary for risk management.

It is striking that a large proportion of those companies that invest more in cloud security also invest in endpoint security and PAM at the same time. Companies that invest more in data centre security, on the other hand, also place a great deal of focus on identity & access management and security monitoring.

Download the study here and learn more (in German only).