Euro Security logo white
Cyber security only on paper? Three out of five employees do not receive regular IT security training

July 17, 2025

Cyber Security

A study by G DATA shows that critical sectors such as healthcare and local government have a lot of catching up to do when it comes to security awareness training

Despite increasing cyber threats, many employees in Germany still do not receive regular training on IT security. Only a good third of those surveyed receive regular training on cyber security. On the other hand, 21 percent of employees are not even aware of such training. Yet employees play a central role in a company’s cybersecurity. Attackers repeatedly target employees and try to trick them with phishing or social engineering. The goal: access to the company network.

‘Security awareness should not be a question of resources or the degree of digitalisation – it must be understood as a basic requirement for every company,’ says Andreas Lüning, co-founder and CEO of G DATA CyberDefense. ‘Anyone who does not regularly train employees in the safe use of IT systems exposes the entire organisation to an incalculable risk. However, it is not enough to train managers alone. Training must therefore be an integral part of every security strategy, regardless of industry or company size.’

Large companies provide more training

The study also shows that the larger the company, the more likely it is to provide regular training. In organisations with over 1,000 employees, more than 43 percent of employees receive regular training. In smaller companies with 100 to 249 employees, only one in four respondents reported receiving recurring training.

There is also a big difference between individual industries. Employees in the healthcare, retail and public sectors were more likely than average to say that they were unaware of security awareness training. Companies in the telecommunications and financial services sectors are significantly further ahead, with rates of less than five percent. Here, those responsible have already established cybersecurity as part of the corporate culture.

Cyber security in figures for download

‘Cyber security in figures’ has been published for the fourth time and is characterised by a high density of information and particular methodological depth: Statista’s market researchers have compiled figures, data and facts from more than 300 statistics into a unique comprehensive work. More than 5,000 employees in Germany were surveyed in a representative online study on cyber security in a professional and private context. The experts at Statista closely monitored the survey and, thanks to a sample size that far exceeds the industry standard, are able to present reliable and valid market research results in the German magazine ‘Cyber Security in Figures’.

Related Articles

Commentary: BERLIN – Known risks, familiar words, familiar failures

Jan 7, 2026

The power outage in Berlin since 3 January 2026 is extraordinary in its scale, but remarkably familiar in its causes and political consequences. Five damaged high-voltage cables, tens of thousands of households without electricity and heating, restrictions on mobile...

Commentary: Hesse’s clear stance against left-wing extremism

Jan 7, 2026

In his statement, Hesse's Interior Minister Roman Poseck paints a deliberately clear picture of left-wing extremism as a threat to security. The core of his position is clear: left-wing extremism is not understood as a marginal phenomenon or merely a side issue of...

Positive safety record at Bavaria’s Christmas markets

Jan 4, 2026

Successful protection concepts combining presence, prevention and cooperation At the end of the 2025 Christmas market season, the Bavarian State Ministry of the Interior reports a thoroughly positive safety record. Home Secretary Joachim Herrmann spoke of...

Share This