ICT security measures used by EU enterprises in 2022

In 2022, 92% of EU enterprises with 10 or more employees and self-employed persons used at least one measure in order to ensure integrity, availability and confidentiality of their data and ICT systems.

This information comes from data on ICT usage and e-commerce in enterprises published by Eurostat. The article presents a handful of findings from the more detailed Statistics Explained article.

The most common measure used to ensure integrity, availability and confidentiality of enterprises’ data and ICT systems was strong password authentication (82% of EU enterprises), followed by data backup to a separate location or cloud (78%) and network access control (65%). The least common measure was user identification and authentication via biometric methods (13%).

In order to remain effective, security measures and procedures should be documented and updated regularly, to keep them up to date against the fast-evolving security threads. In 2022, 37% of EU enterprises reported having documents on measures, practices or procedures on ICT security. Two-thirds of enterprises in Sweden (66%) reported having such documents, while shares higher than 50% were registered also in Finland (57%), Denmark (55%), Portugal (54%) and Ireland (51%). On the other hand, less than a quarter of enterprises had documents on measures, practices or procedures on ICT security in Greece (18%), France (21%) and Bulgaria (22%).

Almost one quarter of EU enterprises (24%) have defined or reviewed their documents on measures, practices or procedures on ICT security during the last 12 months. For 9%, this was the case between 12 and 24 months ago, and for another 5%, it was more than 24 months ago.

EU-US Trade and Technology Council addresses common challenges and responds to global crises

More information

Eurostat