Digitalisation holds almost unlimited potential: By 2025, Europe could add up to 2.5 trillion Euros to GDP in 2025, boosting GDP growth by one percent a year over the next decade. On a private level, this means that every German consumer will possess an average of 9.7 connected devices. This would enable many so-called smart solutions such as smart living. However, the ever-increasing digital interconnectedness entails major security challenges that need to be managed. Only if cyber security can be guaranteed, confidence in the digital transformation will persist in the long-term. The same applies to the ongoing digitalisation of the industrial production, finding its expression in the rise of digital platforms – an important contribution to higher productivity and economic growth in Germany.
Cyber-attacks: A major risk to business activities
The rapid and even more comprehensive networking entails risks: Criminals are taking advantage of the fact that many industrial machines as well as simple devices (e.g. televisions and Wifi-cameras) – increasingly software-controlled and connected to the Internet – show inherent vulnerabilities and lack regular updates. Hackers exploit these weak spots and try to gain access to the software of these devices to conduct so-called Distributed Denial of Service (DDoS) attacks. The consequences of a successful cyber-attack can be devastating for companies – sometimes, if not managed well, even leading to bankruptcy. According to the Allianz Risk Barometer 2020, cyber incidents are considered the greatest business risk by companies worldwide.
In addition, industrial companies are often victims of even more complex cyber incidents. Data theft, industrial espionage and sabotage have caused the German economy losses of around 205.7 billion Euros in the last two years. Digital attacks affected seven out of ten companies. Apart from malware infection, password spying and phishing attacks were the most common methods used by criminals. In addition, 40 percent of all companies see a high risk of serious damage from cybercrime.
German industry contributes to enhanced cyber resilience
The majority of German companies takes organisational, employee-related and technical security measures to reduce the threat of attacks. In addition, when producing connected devices many German companies abide by the “security-by-design”-principle. Thus, they provide customers with highly cyber-resilient products and services. A Bitkom study conducted in 2018 points out which measures German industrial companies use to protect themselves against cyber-attacks.
- Technical security: While all companies protect their data with passwords, virus scanners and firewalls, only four out of ten companies encrypt their e-mail traffic.
- Organisational security: Today, all companies define access rights for certain information and almost half of all companies carry out security certifications.
- Employee-related security: Since people are still often the greatest threat to a company's cyber-resilience – e.g. by clicking on links in phishing e-mails – almost 60 percent of all companies train their employees on security issues.
Furthermore, a close cooperation between public and private actors is of central importance in the field of cyber security. In this context, the Alliance for Cyber Security (Allianz für Cybersicherheit), launched in 2012, represents a successful model for creating cooperation between state and non-state (business) actors. The Alliance for Cyber Security offers its members up-to-date information on the IT security situation, various events for the exchange of knowledge and best practices, as well as a wide range of consulting and support services. Several thousand companies and institutions, such as the Federation of German Industries (BDI), have already joined the initiative - and the number is rising.
For even closer cooperation between industry and politics, the BDI and the Federal Ministry of the Interior jointly launched the project “Bündnis für Cybersicherheit” in 2018. While intensifying the exchange on international cyber security topics, BDI and BMI are working on an overview of the existing cyber security initiatives of government and industry. It aims at companies to find the right contact person as quick as possible.