OREANDA-NEWS. June 19, 2015. Some companies do not protect themselves at all. Others turn their company into an expensive Fort Knox. Anyone looking to protect themselves effectively against hackers and data theft should first determine the actual requirements.

Small and mid-size enterprises in particular seem to be totally unfazed when it comes to risks from the Internet. According to a 2014 study from the audit and consulting company PwC, around 25 percent of the companies surveyed had hitherto not taken any suitable protection measures, despite the increasing number of reports about successful hacker attacks and data theft. And for those that had, the security projects in most companies were poorly coordinated with each other, according to PwC.

Victim of digital industrial espionage
Around half of companies in Germany, according to a BITKOM study, have fallen victim to digital industrial espionage, sabotage or data theft over the past two years. Small and mid-size enterprises are most frequently affected. Total annual losses run to around EUR 51 billion.

Lack of security awareness
Why do some companies pay so little attention to IT security? Is it audacity, recklessness or ignorance? “A bit of each,” says Michael Ehrmann, Head of the Security & IT Solutions Competence Center at Deutsche Telekom. His experience from talking to senior managers and heads of IT: “Most of them now know about the risks. However, since hitherto only a few are specifically aware of attacks on their company or existing security gaps, there isn't always an appropriate security awareness.” And so the victims often have no idea that hackers have gotten into their IT systems and tapped critical data. It takes on average more than nine months for companies to identify attacks and instigate defensive measures.

The wrong way
What can we therefore do against threats from the Internet when even large enterprises with their in-house IT security specialists are being hacked all the time? “Doing nothing at all is of course the wrong way,” stresses Ehrmann, “It would be like not putting on your seat belt in the car.” But there is no point either using a sledgehammer to crack a nut. A security concept needs to be tailored to a company's needs. “And that doesn't have to cost tens of thousands of euros.”

The right way
Rather, Deutsche Telekom has developed an 8-point plan to enhance IT security as best practice, which analyzes individual requirements step by step and tailors protection to those requirements. You can download the 8-point plan on the right-hand side or read it here.

In a comparison of 450 providers, the advisory company Experton certified Deutsche Telekom and T-Systems as having an attractive portfolio and proven competitive strength.