Top view of a laptop, notebook, and data charts on a table, ideal for business and work themes.

BSI & TÜV: Worrying Survey on Cybersecurity Among German Companies

ByStefan Karg 12.06.202512.06.2025

The German BSI (Federal Office for Information Security) and TÜV-Verband conducted a survey among German companies to assess the status of cybersecurity in the private sector.

Some worrying results from my point of view are:

50% of the companies do not know the NIS2 directive
(note: the survey does not specify the number of companies in the sample which would be affected by NIS2 directly or indirectly)
While 10% of companies report attacks via their supply chain, only 32% of the companies issue cybersecurity requirements towards their suppliers.
27% of the companies report, that cybersecurity plays little or no role for them
90% of the companies consider their cybersecurity as “rather good / very good”, while the BSI president draws a much more pessimistic picture

🌐 Link to the study:
BSI – Presse – TÜV-Studie zur Cybersicherheit der deutschen Wirtschaft: Bedrohungslage steigt, Unternehmen wiegen sich in trügerischer Sicherheit

🌐 Press conference with BSI and TÜV:
Cybersecurity: Studie zur digitalen Sicherheit der deutschen Wirtschaft | 11.06.25 – YouTube

Political

From a theoretical scenario to dangerous reality

ByStefan Karg 05.04.2024

Since February 2022, cybersecurity threats to railways in the European Union have changed fundamentally: nation-state actors are no longer a theoretical possibility, but a dangerous reality. Russia is trying to sabotage European railways, warns Prague 💡 We therefore need to increase the resilience of the railway system against attacks by very capable attackers with access…

Stefan Karg sitting on a staircase outside of a building with a glass wall.

Conferences / Events

What’s happening in the German security & AI startup sector?

ByStefan Karg 12.06.202316.06.2025

Tomorrow is the final of the “Deutscher Startup-Pokal” for the security and AI sector, organised by GFFT e.V.. 🧔I have been asked to be part of the jury for the security startups that will be pitching tomorrow: 💡 sematicon AG💡 Cybervize💡 ONEKEY Together with the other expert jury members, I will be asking questions about…

Conferences / Events

Key aspects for successful open source software

ByStefan Karg 09.06.202509.06.2025

Frank Karlitschek, the founder and CEO of Nextcloud, gave an inspiring talk at 2025 re:publica conference in Berlin about how to establish a sustainable, enterprise-ready open-source project. 🌐 Link [DE]: re:publica 25: Frank Karlitschek – So baut man ein nachhaltiges Open Source Unternehmen In his talk he highlights the factors making an open-source project successful….

OT | Security | Standardization

Railway Security standards

ByStefan Karg 08.08.202407.05.2025

In this post, I delve into the most relevant standards that secure our railway systems. Using Europe and Germany as a case study for the local and national level of standards, the following infographics provides a comprehensive overview of the most relevant standards helping to increase security on the tracks. 📄 Download infographics as pdf:…

Investigation of cyber-attack on Polish rail network

ByStefan Karg 28.08.202313.06.2025

The Polish Press Agency (PAP) reports a cyber attack on the Polish rail network in the north-west of the country in Szczecin. A BBC article reports: “Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday.The signals were interspersed with recording of…

Similar Posts