According to a survey by the Digital Security Authority, 49% of businesses have been attacked/breached in the last 12 months with an average of 1 attack per week
About one in two businesses in Cyprus has suffered some kind of cyber attack/breach in the last 12 months, according to research by the Digital Security Authority. The percentage of citizens (53%) who have been attacked in the last 12 months is also at the same level.
As noted in a related announcement, the Digital Security Authority conducted 2 pan-Cypriot surveys in the months of October-December 2023 to collect data and information on cyber security in the Cypriot territory, the first survey was addressed to businesses and the second survey was addressed to citizens.
Αποτελέσματα ερευνών σε πολίτες και επιχειρήσεις για την κυβερνοασφάλεια
Η Αρχή Ψηφιακής Ασφάλειας στα πλαίσια των αρμοδιοτήτων της, έχει διεξαγάγει 2 παγκύπριες έρευνες για τη συλλογή στοιχείων και πληροφοριών για την κυβερνοασφάλεια στην κυπριακή επικράτεια. Τα κυριότερα… pic.twitter.com/3ZnjBNFG4R
— Αρχή Ψηφιακής Ασφάλειας, Εθνικό CSIRT-CY (@NationalCsirtCy) December 21, 2023
The main results of the research concerning the businesses were presented at the meeting of involved bodies and authorities held on December 19, 2023.
One attack a week – Up on last year
For businesses, almost half (49%) have experienced an attack/breach in the last 12 months with an average of 1 attack per week, an increase from the 3-4 attacks per month compared to last year. Also, of the businesses that were attacked, for almost half (46%) there was a financial cost amounting to 27 thousand euros on average, i.e. it has increased by about 4 thousand euros compared to last year.
According to the survey, the most frequent attack received by businesses is phishing, i.e. fraudulent email messages with 43% (an increase of 7 percentage points compared to last year). At the same time, almost one in four companies has more than 1 year to create, update or revise their cyber security policies, so that they keep up with technological developments.
Ignorance of prevention methods
Also, the survey showed that there is ignorance on the part of companies about seminars offered on cyber security issues since almost half of the companies (46%) do not know about them, while only 17% participated. Those businesses that participated in a seminar, raised awareness and took actions to strengthen the security measures they take.
Finally, it is reported that the average amount that companies invest in cyber security tools and services per year amounted to approximately 11 thousand euros.
Attack on 53% of citizens
As far as citizens are concerned, the research shows that 53% have been attacked in the last 12 months with an average of 25.9 violations/attacks per year, with the increase compared to last year reaching around 25%.
In addition, of the citizens who were attacked, 19% reported that there was some cost amounting to 141 euros on average. It is particularly interesting that although the average number of attacks increased from 20.9 to 25.9, a decrease in the cost of cyberattacks (-177 euros) is recorded, a fact that is probably due to the increased ability of citizens (+9%) to recognize fraudulent messages.
At the same time, the most frequent form of attack is shown, based on the research, to be phishing, i.e. misleading messages, received via e-mail at a rate of 36%. In fact, the method in question shows a 6% increase compared to last year, while, as noted, in the case of citizens who did not receive any kind of attack/breach in the last year, 89% do not exclude the possibility of falling victim to a malicious attack in the future. This percentage increased by 7% compared to last year which shows that citizens are more aware of the dangers of the internet.
It also became clear that there is ignorance of the citizens about offered seminars on topics related to cyber security since 74% declared ignorance about them while only 11% have participated in them but also that after attending seminars the most important changes they made were using strong passwords, changing passwords frequently and avoiding suspicious websites.
The two surveys were conducted in parallel on a sample of 1006 citizens and 444 businesses from a wide range of industry, trade and service sectors.
Based on the above results, the Digital Security Authority notes that it intends to organize training seminars to strengthen knowledge and skills in cyber security matters, as well as information and awareness campaigns in the near future for both citizens and businesses.< /p>
It is finally stated that these surveys are the second in a series of mapping of the image in cyber security issues in businesses and citizens in the Cypriot territory and that the mapping will continue on an annual basis and will be enriched based on developments and needs in information that will arise.
source: Economy Today