Cybercrime: no end in sight

top cybersecurity companies

New webcast as part of the Link11 Executive Talks on billions in losses from cyber attacks, how companies can protect themselves and avoidable errors in IT security

In this digital panel discussion, Sebastian Artz, Head of Cyber ​​& Information Security at Bitkom, Torsten Merten from the National Situation Center of the BSI and Marc Wilczek, Managing Director at IT security service provider Link11, talked about how cyber damage worth billions can be prevented through appropriate IT security . Tim Wybitul, Partner Data Privacy at Latham & Watkins, also spoke to discuss data security and data protection. The discussion was moderated by Frauke Holzmeier and Andreas Laukat, who work in the business department of RTL News / n-tv.

Cyber ​​attacks on companies in Germany

The media report on successful cyber attacks on companies on a weekly basis: operational disruptions, production stoppages, data theft. Unfortunately, the media perception also agrees with reality. Nine out of ten companies in Germany have already been targeted by cyber attackers, Sebastian Artz specified the situation in the companies on the basis of a current Bitkom study. The BSI also noted a tense threat situation and speaks of a red alert.

Ransomware, phishing and DDoS attacks are among the most common types of attack. The number of DDoS attacks alone has increased by 140% in the past few months, quotes Marc Wilczek from the semi-annual Link11 DDoS report and sees an urgent need for action at many companies. In his view, the need is not necessarily derived from the size of the company. Rather, the yardstick should be the level of digitization in business processes and the resulting dependency on the Internet when attackers literally shoot a company off the Internet.

Avoidable errors in IT security

Many IT managers, but also managers, are well aware of the urgency of the issue, but they underestimate the implementation of IT security. The panel agreed on the biggest problems:

– Incorrect prognoses: Companies deduce from the attack-free past that they will not face any threat from cyber attacks in the future either.

– Unprepared in the event of a crisis: alarm scenarios and emergency plans are not practiced or not practiced often enough. If an emergency occurs, there is panic and valuable time is lost.

– Growing threat from cybercrime: Companies are constantly faced with new types of attack. Known forms of attack continue to develop in the meantime, increasing in complexity and destructive power, so that existing protective solutions are reaching their limits.

– Limited human resources: IT departments have to fend off a large number of digital threats, but often have too few specialists to enable a comprehensive level of security.

Inadequate IT security costs

In view of these errors, weaknesses and problems, it is not surprising that the amounts of damage that result from successful cyber attacks increase from year to year. According to Bitkom, they have more than doubled in comparison between 2019 and 2020 and amount to over 220 billion euros.

In addition to the costs of defending against attacks and restoring the affected systems, there are often follow-up costs for fines or non-material claims for damages, warns Tim Wybitul. Not to mention damage to reputation and loss of trust that cannot always be quantified. For Wybitul, IT security is therefore not just a silo issue for the IT department. Rather, this business risk must be addressed across teams in conjunction with corporate communications, the legal department and the data protection officer. Those who also network with data protection authorities and state bodies such as the BSI in advance can meet the statutory reporting obligations better and faster in an emergency.

Real-time information for better protection

Another advantage of forward-looking cooperation with the authorities and the BSI is that companies have access to current situation reports. The Federal Office provides real-time information on the various forms of cyber threats and possible gateways for attackers, and provides information about protection options. In return, these real-time situational images require information from the company to the authorities, as Torsten Merten describes this form of public-private partnership. The more openly companies talk to official bodies about cybersecurity and hacker attacks, the faster and more well-founded other companies can be warned.

Leave a Reply

Your email address will not be published. Required fields are marked *