Cyprus Registers One Of The Lowest Shares In ICT Security Problems - Eurostat

In 2021 in the EU, 22.2% of enterprises (with 10 or more employees and self-employed persons) in the business economy (excluding the mining and quarrying and financial sector) experienced ICT security incidents resulting in different types of consequences such as unavailability of ICT services, destruction or corruption of data or disclosure of confidential data.

The most frequent consequence reported was the unavailability of ICT services due to hardware or software failures (18.7%). Unavailability of ICT services due to attacks from the outside (e.g. ransomware attacks, denial of service attacks) was far less common (3.5%).

EU enterprises also reported the destruction or corruption of data, caused by two types of incidents: due to hardware or software failures (3.9%) or due to infection by malicious software or unauthorised intrusion (2.1%).

The least frequent consequence of ICT security incidents was the disclosure of confidential data, related to two different reasons: intrusion, pharming, phishing attack, intentional actions by own employees (1.1%) and unintentional actions by own employees (1.0%).

Finnish enterprises register highest incidence of ICT security problems

Among EU countries, the highest shares of enterprises that registered ICT security incidents leading to unavailability of ICT services, destruction or corruption of data or disclosure of confidential data, were in Finland, with more than two-fifths (43.8%), followed by the Netherlands and Poland (30.1% and 29.7%), Czechia (29.3%) and Denmark (26.4%).

At the other end of the scale, the lowest shares were in Bulgaria (11.0%), Portugal (11.5%), Slovakia (12.3%), Hungary (13.4%) and Cyprus (14.3%).