Two in three CEE companies don’t have any cybersecurity strategy, according to “Cyber Threat CEE Region 2018” report

Entrepreneurs, more than any other professional group, need to be aware that we are on the verge of the age of digital revolution where information is the new currency. We are increasingly dependent on the security of our data. Even so, as shown by “Cyber Threat CEE Region 2018”, a study carried out by the CYBERSEC HUB platform among representatives of Central and Eastern European SMEs, a staggering 65% of companies in the region do not have any cyber security strategy in place, only half of them make regular data back-ups, and almost 60% still rely primarily on classic anti-malware software.

 

Cyber security currently tops the list of challenges that companies around the world need to overcome. We are witnessing widespread business digitisation which has significantly increased the risk of cyber-attacks. In order to investigate the level of protection against such threats in Central and Eastern Europe, the Krakow-based CYBERSEC HUB platform conducted a study titled “Cyber Threat CEE Region 2018”. The survey was carried out in March and April 2018 among 500 Central European SMEs from Czechia, Poland, Romania, Hungary and Slovakia, employing between 1 and 249 employees.

 

Security strategy shortcomings

 

The results of the study have shown that despite the growing number of cyber-attacks, as many as 65% of CEE-based companies have not developed any strategies to protect their customers’ data. Among the countries in the region, the situation in Poland appears to be the most promising, with half of the companies declaring that they have implemented relevant measures. At the opposite end of the spectrum are Czech and Slovak companies, among which only 23% have done so.

 

Stagnation in expenditure on cyber security

 

How much money is spent on cyber security in Central and Eastern Europe? On average, 2,000 euros per company. Poland is an unparalleled leader in its region, with its average expenditure of 6,400 significantly inflating the regional average. Czechia comes last with a spending level of some 300 euros. What is concerning, however, is the fact that as many as 55% of CEE-based companies allocate only between 0 and 250 euros for cyber security (this includes 25% of Polish enterprises). In addition, the study by CYBERSEC HUB implies that over the last 5 years, entrepreneurs in the region have increased their spending on cyber security by only 60 euros on average! However, as many as 70% of local businesspeople believe that they are investing enough in this area.

 

Outdated classics still on top

 

For 59.4% of the companies surveyed, antivirus, antispam and antispyware software account for the largest part of their budgets for protection against cyber-attacks. This is the case in particular for Czech and Slovak enterprises, which spend 70% and 68% of their total expenditure, respectively, on such measures. In Poland, Hungary and Romania, antivirus software consumes about 50% of available funds.

 

Only in 2017, companies in the region lost on average 1,100 euros as a result of cyber-attacks. Interestingly, as many as 68% entrepreneurs declare that they did not suffer any losses due to cyber threats. This implies that the average figure for the region is overstated due to companies that have lost more than 50 thousand euros in the past 12 months.

 

“It is difficult to estimate the losses of global business incurred as a result of cyber-attacks; however, it is commonly assumed that they amount for 1 to 3% of global GDP. The scale of the phenomenon clearly indicates that our economy largely depends on resilient ICT infrastructure, and cyber security must become an integral part of the upcoming Fourth Industrial Revolution,” comments Robert Siudak, CYBERSEC HUB Manager.

For more details on studies regarding cyber threats in Central and Eastern Europe, see the “Cyber Threat CEE Region 2018” report, available on the CYBERSEC HUB website

Leave a Reply

Your email address will not be published. Required fields are marked *