The looming economic damages from cyberattacks, according to the most recent figures from the Sophos Administration Study, are the primary driver for investments in cybersecurity. German and Austrian supervisors attribute a consciousness of the economic consequences of cyberattacks at 23.4 percent (D). Around 24 percent of Austrian investors cited a primary reason for their investments over the past three years. Switzerland stands out in this regard, highlighting the importance of cybersecurity investments to mitigate potential economic losses, with a significant 36 percent of respondents citing such concerns.
As the second most frequent challenge to expanding IT security within companies across all three countries is the escalating threat of attacks like ransomware, which underscores the need for proactive measures. In Germany, a significant proportion of respondents (21.4%) highlighted the importance of this aspect, followed by Austria with 20% and Switzerland with an even higher percentage of 28%, once again demonstrating a notable difference. Furthermore, the digital transformation within companies emerged as another crucial motivation to strengthen IT system security. Investments in cybersecurity are prioritized as third most important reason across all three countries, with German investors allocating 18.4%, Austrian investors 14.9%, and Swiss investors 20% of their investment budgets for this purpose. In contrast to the primary drivers of investments in cybersecurity, aspects such as requirements for cyber insurance (2% in Germany, 4% in Austria, and 4% in Switzerland) or applicable IT and cybersecurity laws like GDPR or NIS II had less significance. In Germany and Austria, this aspect was named by 8% of respondents each, while it did not form part of the survey in Switzerland.
Despite the steadily increasing cyber threat landscape, some companies have reported that they did not strengthen their cybersecurity defenses over the past three years. In Germany, this was the case for 10% of respondents, while in Austria, it applied to 14% and in Switzerland to 6%. Although many claim they haven’t invested in higher security measures over the past few years, it’s a missed opportunity, according to Michael Veit, Sophos’ Safety Evangelist, if every business doesn’t prioritize its cybersecurity investments.
Companies must recognize that investments in IT security are no longer a cost factor but rather an existential insurance policy. Failing to take this seriously can result in a catastrophic cyberattack that cripples one’s own business operation.
Those seeking to gain a deeper understanding of the positive impacts of modern cybersecurity on insurance status can do so by accessing relevant information online.
