The new Sosafe study „Human Risk Review 2024“ reveals that more than half of organizations (52 percent) in the DACH region have already been affected by cyber attacks. 77 percent of security experts in Germany, Austria, and Switzerland believe that the threat landscape is at its most critical point in the last five years. The Human Risk Review analyzes the current cyber threat landscape in Europe and the security culture in companies annually. The report is based on the responses of more than 1,250 security officials in Western Europe and 3.2 million data points from the Sosafe platform for security awareness and human risk management. 54 percent of respondents consider the risk of cyber attacks having significant negative impacts on their company as high. Only 44 percent believe that cyber attacks are attributable to the human factor, while Forrester predicts that by 2024, 90 percent of all data breaches will involve the human factor. Additionally, 3 out of 4 respondents (75 percent) state that the satisfaction of their employees plays a central role in the cybersecurity of the company.
„Organizations are facing a challenging cyber threat landscape. Cyber criminals are continuously developing new attack methods that often target our human emotions. The current geopolitical instability creates new motives for criminals and state actors, resulting in a complex situation. Special caution is required due to the use of sophisticated, AI-driven tools, as attacks increasingly take unexpected forms. We must not underestimate the size and scope of these threats and empower people to face them. We achieve this by helping organizations understand employees as the strongest and most versatile component of their security strategies – and by helping them activate them through holistic, behavior-based approaches,“ said Dr. Niklas Hellemann, psychologist and CEO of Sosafe.
DACH companies deprioritize cybersecurity despite awareness of risks. While strong technical security measures are essential, they alone do not protect against the tactics of modern cyber criminals. Already, 87 percent of security officials see the establishment of a holistic security culture in the company – involving their employees – as a clear priority. Nearly all companies (99 percent of respondents) stated that senior executives and the board are involved in the management and decision-making in the field of cybersecurity. At the same time, less than half of respondents in the DACH region (43 percent) reported an increasing focus on cybersecurity on the part of the management. In comparison, in the UK, it is 73 percent, and in Spain, it is 66 percent. One-fifth in the DACH region said that the focus is declining; for 10 percent of respondents in the DACH region, cybersecurity is not even a company priority.
Dr. Niklas Hellemann is convinced that a holistic security culture can only be strengthened by focusing on employees in the company: „Over several years, we have worked with thousands of companies and put people at the center. One thing has been consistently confirmed: a behavior-oriented approach to sustainably mitigate human risks and empower employees works. In just one year, our customers were able to increase reporting rates by up to 147 percent, which is a clear sign of an established proactive security culture.“ #Sosafe
In today’s digital age, where cyber threats are constantly evolving, it is crucial for organizations to prioritize cybersecurity and involve their employees in building a strong security culture. By recognizing the human factor in cybersecurity incidents and implementing behavior-based approaches, companies can better protect themselves against cyber attacks. Investing in security awareness programs and empowering employees to recognize and respond to potential threats can make a significant difference in enhancing overall cybersecurity posture. By fostering a culture of vigilance and proactive risk mitigation, organizations can stay ahead of cyber threats and safeguard their sensitive data and valuable assets.