Germans are really good at this cybersecurity thing

They enforce strong policies, employees abide by them, and the number of ransomware attacks is fairly low.

Germans are really confident they can handle negligent employees, malicious insiders and malicious outsiders – much more than their counterparts in the UK, US, France. This is according to a new report by Varonis Systems.

The report, entitled “Differences in Security Practices and Vigilance Across UK, France, Germany and US,“ polled a total of 3,027 IT professionals and end-user employees from these countries about cybersecurity, and here's what says:

Half of German employees do everything they can to safeguard their company's data – more than the UK (39 per cent), France (37 per cent) or the US (35 per cent). The Germans also said their companies enforce strictly enforce policies against the misuse of unauthorised data access – a figure also significantly higher than in other three countries.

Data access on a need-to-know basis is also enforced more strictly in Germany than other countries polled in the report.

What's also interesting is that there has been the least ransomware attacks among German companies, yet it's the Germans who are most concerned about this type of malware. 

When it comes to data theft in the past two years, US companies have had it worst (82 per cent), followed by France (80 per cent), the UK (76 per cent) and Germany (64 per cent).

Commenting on the findings, Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute, said: 

"Cultural and business norms vary from country to country, especially in the balance between employee privacy and organisational security. This can affect attitudes, preparedness and resistance to insider threats and cyberattacks. The frequency and severity of data loss and theft continue to rise in a disturbing trajectory. There is far greater employee and third-party access to sensitive information than necessary. Monitoring access and activity around email and file systems is an essential part of protecting data. Executive and IT security leadership have an imperative to improve communication so that all employees and contractors understand their roles in contributing to the protection of important and sensitive data.”