As the new year begins, German companies are showing heightened concern over new unrest in the Middle East and growing threats of terrorist and cyber attacks. For many of them, security is becoming an increasingly important issue.
Since the attacks of September 11, 2001, their expenditures on security measures, especially logistics costs for inspecting containers, have increased significantly, Anton F. Börner, president of the Federation of German Wholesale and Foreign Trade, said in Berlin on Tuesday. And the costs, he added, "will continue to go up."
Mr. Börner presented a representative study of 1,200 member companies, in which 15 percent of respondents stated that terrorist attacks have made their business activities more difficult. Five percent of those surveyed stated that their business is impaired by counterterrorism measures such as border controls.
Several protective measures have been introduced in recent weeks. Among them: The controversial Data Retention Act, which came into effect in Germany in December, requires telecommunications companies to store the telephone and Internet connection data of all citizens for ten weeks. Also in late 2015, the European Union introduced a controversial new guideline, under which airlines are required to store all passenger data for several months.
Investments in security are urgently needed if we hope to remain competitive. Sabine Poschmann,, SPD Business Expert
"We are seeing an increase in preventive data storage," said Konstantin von Notz, deputy leader and Internet policy spokesman of The Greens parliamentary group. "We are concerned about this development," he added.
According to Mr. von Notz, data storage increases operating costs for companies. For instance, Jan Philipp Albrecht, domestic and judicial policy spokesman of the Green/European Free Alliance faction in the European Parliament, estimates that passenger data storage costs airlines several hundred million euros.
Ultimately, companies must ensure the safety of the data they store. This can be expensive, especially with the growing threat of cyber attacks on companies.
In a survey of politicians and top executives in medium-sized and large companies, conducted on behalf of Deutsche Telekom by the Allensbach Institute for Public Opinion Research and the Center for Strategy and Higher Management, 29 percent of respondents stated that they now spend significantly more money on IT security than a few years ago, while nearly half said their data security spending has increased slightly.
Market research company Gartner estimated that more than $75 billion, or €70 billion, was spent worldwide on cyber defense in 2015, or about 5 percent more than in 2014. According to Gartner, the increase is partly the result of stricter legal requirements. And the U.S. bank JP Morgan Chase estimates that $500 million will be spent on cyber security in 2016, compared to $250 million in 2014.
There are growing fears of a cyber attack. In a ranking of the biggest risks to their companies in 2015, risk managers polled by the Allianz insurance company rated the risk of a cyber attack second only to business and supply chain interruptions. By comparison, the risk of cyber attacks was only ranked sixth in 2014.
But while large companies have apparently recognized the risk, small and medium-sized business often still underestimate it, according to PwC, a consulting firm.
Politicians are beginning to ring the alarm bell. "Investments in security are urgently needed if we hope to remain competitive," said Sabine Poschmann, the center-left Social Democratic Party representative for small and medium-sized business.
Market research company Gartner estimated that more than $75 billion, or €70 billion, was spent worldwide on cyber defense in 2015, or about 5 percent more than in 2014.
Very few companies have a crisis plan that enables them to react to cyber attacks, a study conducted by insurance broker Marsh in the fall of 2015 concluded. More than a third of the companies surveyed plan to use insurance to protect themselves against the digital threat.
A successful attack can be very expensive. In a study, IT security provider McAfee estimated the costs of a typical attact at €1.3 million. Repairing the damage often involves eliminating the malicious software and restoring the website, as well as notifying the authorities, the public and individuals potentially affected by a cyber attack.
Costs can skyrocket when production is interrupted by an attack. If an automaker's assembly lines grind to a halt or an industrial company's furnace has to be shut down, the loss can quickly run into the millions.
In a 2015 study, IT industry association Bitkom estimated losses attributable to digital economic espionage, sabotage and data theft in Germany over the past two years at €102.4 billion.
Dana Heide is a reporter in Berlin. Ina Karabasz covers companies and markets. Kerstin Leitel reports on banks and insurance companies. To contact the authors: [email protected], [email protected] and [email protected]