Cybersecurity: The backbone of a successful digital transformation

Complex cyber-attacks in industrial environments are among the greatest threats to smooth business processes. Every year, espionage, sabotage and data theft cause serious damage running into billions. But security and trust are essential for a successful digital transformation. A closer collaboration between businesses, politics and civil society is as vital to public confidence in the digitalisation as to Germany's cyber resilience.

Digitalisation holds almost unlimited potential: By 2025, Europe could add up to 2.5 trillion Euros to GDP in 2025, boosting GDP growth by one percent a year over the next decade. This means in the private context that every German consumer will possess an average of 9.7 connected devices. This would enable many so-called smart solutions such as smart living. However, the ever-increasing digital interconnectedness entails major security challenges that need to be managed. Only if cyber security can be guaranteed, confidence in the digital transformation will remain in the long-term. The same applies to the ongoing digitalisation of the industrial production finding its expression in the rise of digital platforms – an important contribution to higher productivity and economic growth in Germany.

Cyber-attacks: A major risk to business activities

The rapid and even more comprehensive networking entails risks: Criminals are taking advantage of the fact that many industrial machines as well as simple devices (for instance, televisions and Wifi-cameras) – increasingly software-controlled and connected to the Internet – show inherent vulnerabilities and lack regular updates. Hackers exploit these week-spots and try to gain access to the software of these devices to conduct so-called Distributed Denial of Service (DDoS) attacks. The consequences of a successful cyber-attack can be devastating for companies – sometimes, if not managed well, even leading to bankruptcy.

In addition, industrial companies are often victims of even more complex cyber incidents. About half of all German industrial companies report weekly attacks. Over the past two years, cyber-attacks have cost the German economy around 43.4 billion Euros. Moreover, almost 70 percent of all companies have been victims of cyber-attacks in the same period. In addition, 40 percent of all companies see a high risk of serious damage from cybercrime.

According to the Allianz Risk Barometer 2018, business interruptions are considered the greatest business risk. Even in this context, cyber incidents are among the most likely triggers – ahead of explosions, natural disasters, supply chain disruptions and machine breakdowns. In the long run, the threat of attacks from cyberspace is seen as the most important risk to businesses.

German industry contributes to enhanced cyber resilience

The majority of German companies takes organisational, employee-related and technical security measures to reduce the threat of attacks. In addition, when producing connected devices many German companies abide by the “security-by-design”-principle. Thus, they provide customers with highly cyber-resilient products and services. A Bitkom study conducted in 2018 points out which measures German industrial companies use to protect themselves against cyber-attacks.

  • Technical security: While all companies protect their data with passwords, virus scanners and firewalls, only four out of ten companies encrypt their e-mail traffic.
  • Organisational security: Today, all companies define access rights for certain information and almost half of all companies carry out security certifications.
  • Employee-related security: Since people are still often the greatest threat to a company's cyber-resilience – e.g. by clicking on links in phishing e-mails – almost 60 percent of all companies train their employees on security issues.

Furthermore, a close cooperation between public and private actors is of central importance in the field of cyber security. In this context, the Alliance for Cyber Security (Allianz für Cybersicherheit), launched in 2012, represents a successful model for creating cooperation between state and non-state (business) actors. The Alliance for Cyber Security offers its members up-to-date information on the IT security situation, various events for the exchange of knowledge and best practices, as well as a wide range of consulting and support services. Several thousand companies and institutions, such as the Federation of German Industries (BDI), have already joined the initiative - and the number is rising.

For even closer cooperation between industry and politics, the BDI and the Federal Ministry of the Interior jointly launched the project “Bündnis für Cybersicherheit” in 2018. While intensifying the exchange on international cyber security topics, BDI and BMI are working on an overview of the existing cyber security initiatives of government and industry. It aims at companies to find the right contact person as quick as possible.