Blog

How Do DACH Countries Benefit from Cybersecurity Protection Services?

Written by ForeNova | June 7, 2024

Germany, Austria, and Switzerland comprise the DACH region within the European Union. This region is well known for long-standing family-run businesses, including Roche in Switzerland, Rothschild in Germany, and Piëch in Austria.

"The DACH region has a firm presence in manufacturing, construction, scientific research centers like CERN, and banking. Currently, 68% of DACH businesses use artificial intelligence, 69% use cloud services, and 69% use IoT for sustainability initiatives."

Successful cyberattacks put DACH companies, along with others in the EU, at risk for failing to meet compliance regulations, which could jeopardize their ability to get cyber insurance. Business and operational resilience requires DACH companies to deploy effective incident response to help lower the risk of fines, lawsuits, and productivity loss.

ForeNova, an EU-based managed service provider (MSSP), understands DACH's challenges when hackers attack their infrastructures, cloud instances, and users. Working with DACH companies, ForeNova security experts help these firms align cybersecurity adaptive controls with managed security operations services, including threat detection of advanced threats against their email systems.

Are you in the DACH region looking for a managed security service partner (MSSP)?

Click here to schedule a consultation with one of our experts today.

How Important Is Cybersecurity for DACH Companies?

Many DACH companies operate in heavily regulated pharmaceutical, financial, and defense contracting industries. They must comply with several global, regional, and local compliance and privacy mandates.

Along with compliance, cybersecurity protection remains a top priority for DACH countries and firms operating within the EU. Political hackers working with climate-changing activists, the war in Ukraine, and civil unrest partially caused by immigration explain why cybersecurity attacks continue to rise.

“29% of European organizations struggle to make the most of their data because they're worried about data security. Cyberattacks are rising, with 58% of U.K. organizations and 49% of the DACH region reporting more attacks in the past year.”

“Last year, Germany experienced a 28% increase in cyberattacks from overseas, resulting in an estimated €148bn cost to the economy. Additionally, more than 50% of exporters worldwide contemplate moving their supply chains because of geopolitical risks.”

How Do DACH's Technology Advancements Lure Global Hackers?

The DACH region is known for implementing cutting-edge technology earlier than most EU members. DACH countries have led to the greater adoption of digital technology, including more consumers using online shopping sites.

Operating in these sectors also attracts attention from global hackers, cybercriminals, and scammers targeting operational technology (OT) manufacturing, financial technology systems, military-industrial complex intellectual property, and the ever-growing e-commerce sector.

  • Switzerland's e-commerce market is ranked 28th globally. It is predicted to reach about USD 14.22 billion by 2024, growing annually at 4.5%. By 2028, the market volume will be close to USD 16.98 billion. The online retail market share is expected to rise from 14.0% in 2024 to 19.1% in 2028.”
  • Austrian online shoppers spent $10.8 billion yearly, with 6.1 million buying online. Average spending per consumer dropped by 3%, but online shoppers increased by 5%.
  • “The German e-commerce market is projected to reach $119.76 billion in revenue by 2024, making it the sixth largest globally. It is expected to grow at a rate of 4.6% to reach $143.5 billion by 2028.”

These platforms hosted by Amazon, Alibaba, Microsoft, and Orange have become frequent targets. Cyber threat actors use several proven methods to exploit these e-commerce-hosted platforms. Ransomware, account takeover (ATO), email phishing, and Distributed Denial-of-Service (DDoS) are just a few attack methods.

Another rising threat affecting EU hosting providers is crypto jacking. This up-and-coming attack takes over cloud-based instances to execute criminal activities, including crypto-mining. Cloud providers, noticing spikes in demand for computing resources and power, have developed automated countermeasures. Hackers will exploit DACH company cloud instances to run rogue crypto workloads within these cloud-provided platforms.

What Are Top Security Breaches in DACH Countries?

Switzerland, Austria, and Germany have faced security breaches in recent years.

Switzerland

Switzerland's National Cyber Security Centre disclosed over 65,000 classified documents containing sensitive personal information following a ransomware attack. The Play ransomware gang executed the data stolen. Their initial target was an IT vendor called Xplain. Close to 1.3 million files were published on the dark web. Several of these files belonged to high-level Swiss law enforcement and government agencies.

Austria

ADMIRAL Sportwetten is Austria's top bookmaker, with over 200 shops and online options for sports betting in 2023. The hackers used ransomware with double extortion to get the bookmarker to pay a ransom to access their files and another payment to prevent them from having those files published on the dark web.

Germany

Foreign cybercrime in Germany increased by 28% in 2023, raising concerns about Russian hackers before elections. Russian-linked hackers attacked websites in 2023 after Berlin sent tanks, believed in retaliation.

What Compliance Regulations DO EU-Based DACH Companies Need to Meet?

“The DACH region has strict data protection regulations, such as the General Data Protection Regulation (GDPR), that e-commerce businesses must comply with to protect customers' data online.”

E-commerce businesses in the DACH region must follow consumer protection laws regarding pricing, delivery, and returns to protect customers from dishonest practices.

More to the point, Europe focuses strongly on NIS2 and DORA compliance while emphasizing cybersecurity resilience in regulations. France, Germany, Austria, and Switzerland will prioritize compliance with the Cyber Resilience Act. Austria will also focus on the Digital Operational Resilience Act and the Directive on the Resilience of Critical Entities.

Here is a list of other compliance mandates DACH countries need to comply with:

General Data Protection Regulation (GDPR)

The GDPR applies to all EU companies, including e-commerce businesses, and requires them to get consent from customers to collect and protect data.

German Federal Data Protection Act (BDSG)

The BDSG is the German law that complements the GDPR and regulates data processing by online retailers in Germany. Businesses in the German market must appoint a Data Protection Officer if they handle significant personal data.

Austrian Data Protection Act (DSG)

“The DSG in Austria is their data protection law that supplements the GDPR. It governs how e-commerce businesses process personal data and requires a DPO for those handling large amounts of data.”

The Role of an MSSP Supporting DACH Companies in Europe

One cybersecurity attack can destroy entire companies, as seen with cybersecurity breaches like the one at Maersk in 2019. Customers are more aware of cyber risks. Data privacy regulations and rapid digitalization developments create compliance challenges for in-house IT departments. The lack of security expertise and the adoption of new technology have led companies to seek help from MSSPs.

SMEs operating within DACH borders find keeping cybersecurity engineering and compliance expertise expensive and challenging. Like global transnational companies, smaller firms compete for the same talent. Managed security services providers (MSSP) like ForeNova provide the same or better cybersecurity expertise to the SME business community at a fraction of the cost compared to an in-house SecOps team.

MSSPs in the DACH region understand the complex compliance regulations and create service offerings that meet and exceed security protection expectations.

  • Outsource all security operations (SecOps) to an MSSP.
  • Leverage an MSSP for staff augmentation for the in-house SecOps.
  • Leverage after-hours and weekend coverage for the internal in-house SecOps.

Another value-add engagement MSSPs offer is the ability to manage a specific adaptive security control layer, including:

  • ForeNova offers managed email security, data loss prevention (DLP), encryption, and compliance reporting.
  • ForeNova offers managed Zero-trust for remote access control and network segmentation.
  • ForeNova offers managed Security Information and Event Management (SIEM).
  • ForeNova offers Managed Detection and Response (MDR) for network and endpoint security.

Why ForeNova?

ForeNova Security is a leading provider of cybersecurity services and MSSP offerings. For DACH organizations seeking a partner to augment their current security operations (SecOps) team or provide complete 24/7 monitoring and response, threat intelligence, and other cyber defense tools, ForeNova Security has access to experienced engineers to meet your business and compliance goals.

Are you having trouble protecting your organization from cyberattacks within the DACH region?

ForeNova has the answer!

Contact us today to discuss your cybersecurity protection needs, compliance mandates, and how best to leverage our managed services to meet your needs.