Broad sections of the German Mittelstand underestimate the risks lurking in cyberspace. Some companies consider themselves too small, unimportant or uninteresting to register on cybercriminals’ radar. That is a fallacy: no company is too small and no data too insignificant to be hacked. Besides, the point is not what hackers do with a company’s data, but what the company can do without it – not a whole lot. What business can function without IT, data, e-mails or internet access? These things are indispensable in the modern economy. Failing to take the cyberspace threat seriously by not being adequately protected can be an existential threat to any business. That is why German insurers are investing considerable effort in fighting cybercrime and providing protection against it. We inform our customers of the dangers they face and how they can avoid them; we review their cybersecurity processes, point out security gaps and – where necessary – request technical and organisational changes in companies’ cybersecurity practices. Insurers are thus helping to strengthen small and medium-sized companies and contributing to the security and prosperity of Germany.