In times of digital transformation, publishers are increasingly being targeted by cyber criminals worldwide. Technically adept attackers are stealing data, paralysing servers, locking out administrators, demanding ransom money, hijacking well-known websites and publishing fake news - the number of such headlines is on the rise. The damage caused by these perfidious attacks, which are increasingly being carried out automatically with the help of bots, is immense. The following applies to publishing houses: without up-to-date cybersecurity and the associated holistic risk management, the business model is jeopardised.
Many industry representatives in Germany are aware of this. This was recently confirmed by our survey for the "Publishing Trends 2023" study. 75 per cent of participants described the threat to corporate security as a "megatrend". So the topic is right at the top of the agenda. But what exactly does that mean?
In our special study "Publishing Trends Special", we explicitly focus on cyber security in publishing houses. We analysed how companies protect their digital infrastructure and monitor the effectiveness of the measures. The results of a survey of 118 publishing houses in Germany are remarkable.
Key findings at a glance
- The survey results show that publishing executives are aware of the threat situation. Cybersecurity is a very high priority for the majority. Large press publishers in particular see themselves exposed to increased risks.
- Half of those surveyed reported at least one cyberattack in the past twelve months - and almost 40 per cent of those attacked were successful in at least one of the attacks.
- Most publishers consider themselves to be well positioned in the three security categories of prevention, detection and response. However, cyber criminals often have a head start in terms of technology and expertise.
- The effects of successful cyber attacks are serious: 50 per cent of the affected publishers experienced a noticeable impact on their business activities. Data loss, financial losses and reputational damage are the most common consequences.
- 28 per cent of the publishers surveyed have a detailed security concept, a further 47 per cent have a general security concept. 56 per cent also have a monitoring system that is active around the clock.
- Most publishers rely on partnerships and external help for security checks of protective measures. But only a few publishers carry out GAP audits. Measuring the security status using KPIs is also rare.
Dr. Michael Falk
Partner, Consulting, Cyber Security
KPMG AG Wirtschaftsprüfungsgesellschaft