In cybersecurity terms, Swiss SMEs are behind the times according to a new study byDigitalswitzerland, Mobilière, the University of Applied Sciences of North-West Switzerland (FHNW), the Swiss Academy of Technical Sciences (SATW) and the Digital Security Alliance Switzerland.
In fact, it says one in ten have already been the victim of a cyberattack, and, furthermore, this state of affairs shows no sign of improving any time soon.
This is because, the study says, they’re making little progress in cybersecurity terms, and the implementation of protective measures remains insufficient, especially regarding organizational measures.
The results, which were presented in an online press conference, found that 11% of companies surveyed said they had already been victims of a cyberattack that required considerable effort to recover – and half of those suffered a financial loss. A further 13% said the attack resulted in loss of customer data or reputational damage.
Yet, contrary to what those results might suggest, the study also found that most Swiss SMEs say they take cybercrime seriously.
Insufficient organizational measures
The study looked at participants’ judgment surrounding the deployment of several measures (on a scale of 5; 1 = not at all; 5 = fully). It found that technical measures are at a relatively high level, (between 3.9 and 4.5) – and this is virtually unchanged compared to the results of the same survey in 2022 and 2021.
But the same can’t be said for organizational measures – while the ability to recover data was shown to be “under control” (4.2) and personal information is only shared “with caution” (4.2), regular training of employees (2.9) and carrying out a security audit (2.8) are at the other end of the spectrum.
Simon Seebeck, head of La Mobilière’s Cyber Risk skills center, said of the results: “Cybercriminals think in economic terms and seek the path of least resistance”.
He added that SMEs that neglect their cybersecurity become “ready prey”, and the greater the gaps in a company’s cyber defense, the more likely it is that it will fall victim to a fully automated attack.
To make sure you don’t become a statistic,get in touch with usto talk about your cybersecurity needs.