The blog about your IT security

Cyber security: Where do German SMEs stand?

More than 99 percent of German companies are small and medium-sized enterprises (SMEs) and more than half of all jobs are based there.

And yet large sections of German SMEs underestimate the risks from cyberspace. Successful cyberattacks can pose an existential threat to companies – because in most cases they paralyze their entire operations. Then the battle against time begins. The pressure on medium-sized businesses is increasing: Attacks on corporate IT through forged e-mails, or infiltrated malware, are among the greatest risks for companies today. They paralyze production lines, damage reputations, scare off customers and thus cause enormous financial and immaterial damage. The attackers have long since ceased to differentiate between large corporations and medium-sized businesses. German family businesses and SMEs are just as seriously affected, especially since they are often less well protected than publicly known corporations.

This is why we have compiled the most important statistics and insights for SMEs.

Insight into the cyber security of medium-sized enterprises (SMEs)

In the age of digitalization, it is not only new technologies that are creating incredible opportunities, but also threats from the cyber environment. How important is IT security to German SMEs?

SMEs – the backbone of German industry:

More than 99 percent of German companies are SMEs. Small and medium-sized enterprises generate more than one in every two euros and account for well over half of all of all jobs in Germany. SMEs make a significant contribution to economic strength.

Percentage of SMEs in the German economy
  • 6.01 million businesses and self-employed persons of small and medium-sized enterprises
  • €5.55 trillion revenue of businesses and the self-employed persons
  • 39.67 million employees in the SME sector

Cyber Security – Underestimated and often tackled in a half-hearted way

With their range of innovative business models and high number of patent applications, German SMEs in particular represent lucrative targets for attackers. But at the same time, these small and medium-sized enterprises often underestimate how important comprehensive cyber security measures are. This is also illustrated by the following facts in comparison to large companies:

  • 49% – Almost half of the small companies still do not have any employees dedicated to cyber security.
  • For large corporations, this figure is around 2%.
  • On average, companies spent 13% of their budgets on cyber security improvement measures in 2020.
  • 72% of companies plan to further increase cyber security spending in 2021 – a much-needed investment.
Cyber threats: SMEs are comparatively poorly protected
  • In 2020, one in four companies still has no person that is responsible for cyber security.
  • Cyber security is now a top priority for 63% of large corporations, but only for 23% of small companies.
  • 5% of companies use software that in some cases has not received security updates for years.
  • The darknet contains email and password combinations from almost every second company. One reason for this is that employees had registered with their email addresses on gaming websites or dating platforms.

Cyber Security in SMEs: Now is the right time to act

Rising risks are still underestimated in many SMEs. The sharp rise in cybercrime worldwide in connection with COVID-19 and the resulting damage show how important it is to have a high level of awareness of cyber risks in companies.

The particular problem for companies: If malware exploits a security vulnerability and enters the company’s internal network, the consequences are usually severe. Due to the dense networking, such a virus spreads extremely quickly and can even paralyze entire work processes. In the event of a cyber attack, companies are threatened with the loss of sensitive customer data as well as confidential internal company information. This form of industrial espionage and data theft causes annual damage of €51 billion in Germany. Not only large companies are affected, but also small and medium-sized enterprises.

Start using – The Cyber Security Tool of Tomorrow

In order to identify where vulnerabilities or anomalies exist in the IT structure at an early stage, clear verification and visualization of all individual security risks is essential. This is exactly what we exclusively provide you with on®. Stay up to date with patch and lifecycle management by continuously performing vulnerability scans and find quick solutions to your everyday challenges, or avoid them entirely! Our software® is designed to reduce complexity and workload for IT professionals. At the same time, it is a powerful tool for executives to quickly and easily assess the IT security of a given IT infrastructure. In addition,® provides quick insight into the vulnerabilities of individual home office IP addresses. These can be checked with our “scan yourself” feature, even without registering on our website. Don’t leave cyber security to chance and scan your IT infrastructures continuously!

Follow us on

Subscribe to our newsletter on the topic of cyber security

With our Cyberletter you are always up to date - about vulnerability reports, current IT threat scenarios and other relevant news from the field of cyber security and data security.

With the registration I accept the handling of my personal data (§13 GDPR) and agree to the privacy policy.