Almost half of large Swiss companies have already been victims of cyberattacks, often with disastrous consequences, according to a study published on Monday. Forty-five percent of Swiss companies with 250 or more employees have already been affected by at least one cyberattack, reveals the latest report from the SwissVR Monitor. The study, carried out between mid-May and early July by the consulting firm Deloitte and the University of Applied Sciences Lucerne, showed a correlation between the size of a company and the risk of cyberattacks.
Only 18% of companies with less than 50 employees face serious attacks
Based on a survey of 400 board members of large publicly listed companies and small and medium-sized enterprises (SMEs), it found that only 18% of companies with fewer than 50 employees had experienced an attack. severe. “The link between company size and attack frequency is clear: larger companies have greater global exposure and a wider potential target area for cybercriminals,” the report’s authors explained.
Additionally, they suggested that smaller companies may be less inclined to inform their board of directors. Florian Schutz, responsible for the implementation of Switzerland’s national cyber protection strategy, estimated that “all companies are at risk, regardless of their size and sector”. Quoted in the report, he pointed out that “many SMEs lack the financial and human resources to take effective cybersecurity measures, so their expertise and infrastructure are limited or non-existent”. Overall, the survey showed that companies are not sufficiently prepared to deal with cyber threats.
Common Data Leaks
Only 57% of board members surveyed said their board had formulated a clear cybersecurity strategy, and only around a third received regular reports from management on top cyber risks. Worrying situation because cyberattacks can have serious consequences on the operations of a company. Thus 42% of the companies concerned suffered an interruption of their activities, according to the study.
Data leaks and breaks in supply or production chains are also common, sometimes with consequences beyond the company itself. Eleven percent of respondents said customers had been targeted by subsequent attacks. “In addition to lost revenue due to business interruptions, high training costs, for example for restoring data, may also be incurred,” the authors further cautioned.