IT service providers first line of defence for smaller German firms

Small German companies are heavily reliant on IT service providers to help them with cybersecurity, while medium-sized firms are more likely to use specialist cybersecurity consultants, according to research carried out by insurer HDI Versichering, the German retail carrier of the Hannover-based HDI group.

The insurer carried out two studies on cybersecurity at small and medium-sized companies in 2022 and 2023, in partnership with market research company Sirius Campus.

A total of around 1,200 IT and insurance decision-makers from SMEs were surveyed, as well as self-employed people as part of the ongoing project.

Christian Kussmann, board member for companies/independent professions at HDI Versicherung, explained: “Across all companies, IT service providers are the most frequently mentioned source of information on the subject of cybersecurity. Their importance for the cybersecurity of small and medium-sized companies cannot be overestimated.”

Forty-nine percent of those surveyed cited IT service providers as a source of information on cyber topics. At 54% and 56% of those surveyed, the proportion of responses was roughly the same for medium-sized companies with up to 250 employees and for small companies with up to 49 employees.

But just 38% of small companies with up to nine employees cited IT service providers as a source of information. In addition, the media (36%) was cited as an important source of information in this segment. In larger companies, the media tends to play a secondary role in this regard, reported HDI.

The insurer added that medium-sized companies (50%) preferred specialist IT security consultants, just ahead of general IT service providers (47%).

“Many IT service providers also take action on their own initiative to inform companies about cyber risks. Thirty-seven percent of those surveyed stated that they had been actively approached about it by their IT service provider,” Kussmann said.

IT service providers also play a central role in the implementation of preventative measures, said the insurer. Some 41% of respondents stated that their IT service provider had advised them to implement preventive measures against cyberattacks. “However, there is also a dichotomy here: 47% each of small and medium-sized companies made this statement. For small businesses, only 27% agreed with this statement,” said HDI.

The survey found that 43% of medium-sized companies resorted to IT specialists at their cyber insurers to repair damage after a cyberattack. Small businesses tended to resort to other external IT specialists (46%). Fifty-five percent of small business owners relied primarily on their IT service provider.

Back to top button