- Three out of ten companies had to deal with attacks with a critical impact in the past twelve months
- Insurance companies most frequently affected
- Cybersecurity already top priority in manufacturing sector
Cyber risks are presenting more and more companies with enormous challenges. More than a quarter of companies have suffered at least one cyberattack with serious repercussions or damage in the past twelve months, a recent study by the management consultancy Horváth reveals. In the study, 28 percent of more than 430 surveyed board and management members said their company had been successfully attacked by hackers at least once in the recent past. Among insurance companies, this rate is significantly higher, with 56 percent of top executives reporting attacks that caused serious damage.
"The financial industry is considered the most likely to pay ransoms, which is not surprising since it thrives on customer trust," says Dr. Stephanie Nöth-Zahn, partner, CISO and cybersecurity expert at Horváth. According to the study, retail companies are the second most frequent victims of successful attacks (33 percent). They are followed by the automotive, banking, medical technology, mechanical engineering and electrical engineering sectors, each with around 30 percent. Comparatively few successful attacks were recorded in the telecommunications sector (15 percent).
Cybersecurity in the manufacturing sector is already a top management priority
The high level of cybercrime continues to attract attention and trigger a response in the boardrooms of large companies. In the manufacturing industry, cybersecurity even ranks first among the top management priorities. Across all industries, 59 percent of respondents give the topic a very high priority, and another 31 percent a high priority. Only HR issues are just ahead (58 percent "very important", 34 percent "important"). Horváth’s expert Nöth-Zahn comments: "Many companies still invest according to the “watering can" principle. Weak points must first be identified through risk analyses and prioritized. A Cyber Security Maturity Assessment (CSMA), for example, can provide clarity about open flanks and areas for action by systematically analyzing risks and identifying potential for an effective defense program. In this way, investments and measures can be precisely targeted."
About the study
This analysis of the extent of cybercrime in an industry comparison was conducted as part of the annual "CxO Priorities" study by the management consultancy Horváth. For this purpose, personal in-depth interviews were conducted with more than 430 top managers from 19 countries in spring 2023, with a focus on Europe and German-speaking countries. The majority of respondents are employed at companies with annual sales of at least one billion euros and 1,000 employees.