• Majority of company employees cope well in their everyday work
• IT security is fully effective when it is also supported by the workforce

For effective IT security, it is important that company employees are able to work well with the measures and guidelines that have been put in place and that they comply with them. These include, for example, security solutions and password requirements. Almost 67 per cent of employees rate their own handling of these as good or very good. This is one of the findings of the representative study ‘Cybersecurity in Figures’ by G DATA CyberDefense, Statista and brand eins. This shows that planning IT security measures and guidelines is not just about comprehensively securing systems. It is clear that these measures must also be practicable for the workforce in their everyday work.

To ensure IT security in companies, IT managers rely on a mix of measures (including solutions and services) and guidelines, for example for the use of company computers. It is not enough to simply purchase and implement these measures. Employees must be involved so that they understand and support the regulations, such as the mandatory use of multi-factor authentication. This is the case in the majority of German companies, as evidenced by G DATA’s ‘Cybersecurity in Numbers’. Nearly half of those surveyed are comfortable with the situation, and just under 20 percent are very comfortable. Only seven percent feel left behind. A quarter of employees only feel partially comfortable with the situation. For companies, this result means that a high proportion of their workforce is confident in dealing with IT security issues. Nevertheless, they must remain vigilant to ensure that all employees support the IT security concept and thus contribute to corporate security.

‘IT security measures are only truly effective if employees understand them and apply them correctly in their everyday work,’ says Andreas Lüning, co-founder and CEO of G DATA CyberDefense AG. ‘As soon as guidelines are unclear or unnecessarily complex, shortcuts are taken in practice – rules are circumvented or implemented incorrectly. Attackers are aware of this and exploit it deliberately.’

Greatest need for improvement in the public sector and health & social services

A look at the various industries shows that employees of telecommunications and IT companies are the most confident when it comes to security guidelines and measures. In contrast, the highest proportion of employees with deficits can be found in administration and the health and social services sector.

Positive view of IT security policies

Most respondents consider IT security regulations to be fundamentally sensible. However, almost 37 per cent of the workforce also states that compliance costs time in everyday life. In contrast, 35 per cent not only feel secure, but also feel that it reduces their workload. Less than one in ten (8 per cent) find the necessary guidelines cumbersome and limiting to productivity.

IT security guidelines are necessary to strengthen cyber defence. They have an impact on the daily work of employees, for example through the possible requirement to use a password manager or the need to lock the computer when leaving the workplace. IT managers have a responsibility to develop sensible and practical rules that ensure greater IT security without limiting productivity.

Cyber security in figures available for download https://www.gdata.de/cybersicherheit-in-zahlen

‘Cyber security in figures’ has been published for the fifth time and is characterised by a high density of information and particular methodological depth: more than 5,000 employees in Germany were surveyed in a representative online study on cyber security in a professional and private context. The experts at Statista closely monitored the survey and, thanks to a sample size that far exceeds the industry standard, are able to present reliable and valid market research results in the magazine ‘Cybersecurity in Figures’. In addition, the market researchers have compiled figures, data and facts from more than 300 statistics into a comprehensive reference work on IT security.

Here you can download ‘Cybersecurity in Figures’ in German..