Skip to main content
Contact
Submit RFP

      The threat situation posed by cyber attacks has intensified further since the beginning of 2023. This is shown by the results of our study "From Cyber Security to Cyber Resilience". Security managers from 150 companies in Germany, Austria and Switzerland were surveyed for this study.

      Increased cyber threat situation: Financial companies particularly hard hit

      82 per cent of the companies surveyed reported an increase in threats compared to the start of the year, with this figure rising to 90 per cent for financial service providers.

      Phishing attacks, the geopolitical situation and advancing digitalisation were identified as the main causes of the threats. 71 per cent of companies continue to see a significant risk from phishing campaigns and ransomware over the next two years.

      Insider threats as the new top risk

      The majority of companies identify the disclosure of data by employees as a new top risk. 65 per cent of respondents see a high risk potential in insider threats.

      Ready to talk? Contact us.,
      auto_stories

      Wie widerstandsfähig sind Unternehmen gegen Cyberangriffe? Unsere Studie in Kooperation mit Lünendonk gibt Antworten.

      Jetzt herunterladen

      These are the biggest fields of action in the area of cloud security

      Companies identify encryption and data protection as well as the protection of digital identities and access control as the biggest areas of action in the field of cloud security.

      Many institutions see risks in their cloud migration. However, if implemented correctly, the cloud offers great security. Security by design supports the transformation.
      Christian Nern
      Christian Nern

      Partner, Financial Services, Head of Cyber Security Solution

      KPMG AG Wirtschaftsprüfungsgesellschaft

      Internal security processes and AI: how companies are arming themselves

      59 per cent of cyber attack victims are shifting more security processes in-house in order to take greater responsibility for cyber security themselves and not just delegate it to external IT service providers, who cannot usually be held liable.

      Companies are increasingly relying on artificial intelligence to equip themselves technically for the methods used by hackers and to install defence mechanisms. For example, AI can help companies to uncover vulnerabilities and analyse a wealth of data. But AI knows no law or morality: both attackers and defenders use it to increase efficiency and reduce the costs of their activities.

      Cyber security is about investing wisely and purposefully while finding cost-effective ways to improve security.
      Dr. Michael Falk
      Dr. Michael Falk

      Partner, Consulting, Cyber Security

      KPMG AG Wirtschaftsprüfungsgesellschaft

      Investment themes for the coming years

      Companies will increasingly invest in vulnerability management in the coming years. However, cloud security, identity & access management including PAM and security incident and event management are also seen as important investment topics for the coming years.

      Video: Die wichtigsten Erkenntnisse der Studie zusammengefasst

      Cyber security: what companies should do now

      It is important to make the transition from IT security to cyber security and ultimately achieve effective cyber resilience. 89 per cent of the companies surveyed recognised that it is important to gain transparency about the threat situation. To achieve this, more focus should be placed on the assessment of cyber risks. Knowledge of potential attack vectors is becoming crucial.

      All detailed industry analyses and specific recommendations for action to increase cyber resilience can be found in our study.

      Ready to talk? Contact us.

      More KPMG insights for you

      Your contacts