Abstract:

An independent IT security consultant1 and one of Germany's best-known hackers compares the issue of cyber-attacks in Germany with the rise of the Covid 19 pandemic. Both risks are growing enormously fast, are very difficult to stop and cause very great damage. Possibilities of mitigation and treatment are provided by vaccines and intensive care beds as well as the elimination of vulnerabilities in the company and cyber insurance. However, there is often a lack of understanding of prevention and treatment. A look at Germany shows the Hiscox Cyber Readiness Report 2021 (Hiscox, 2021). Out of 1030 companies surveyed in Germany in 2021, 46% said they had experienced a cyber-attack in the last 12 months. In 2020, this figure was still 41%. Own conducted in-depth interviews with doctors in private practice in autumn 2020 have shown that the need for such insurances is non-existent. It is very easy to take appropriate measures in Germany and there are many companies and service providers that offer their products for example a cyber insurance for this purpose. Nevertheless, many companies or doctors’ practices decide against taking out an insurance, or do not deal with these existentially threatening issues. Possible explanations are provided by behavioural economics. In particular, judgement heuristics or "classical" heuristics such as representativity, availability and anchoring/adjustment show such explanations (Pfister et al. 2019 p.133 ff and Theil 2002 p.55 ff).