How can security risks be monitored and managed more efficiently in order to meet stricter regulatory requirements such as the NIS2 Directive and the KRITIS DachG? Maurice Striek from NVISO GmbH talks about this in an eco member interview:
Mr Striek, could you please give us a brief introduction to your company, NVISO?
NVISO is a specialised cybersecurity consultancy that has been providing security solutions for the financial sector, technology companies, public authorities and critical infrastructure operators since it was founded in 2013. With a team of more than 250 security experts in Belgium, Germany, Austria and Greece, NVISO stands out for its extensive industry expertise, a strong customer focus and a position as an expert in the field of cybersecurity. NVISO aims to act as an innovative and trusted security partner to its customers by providing comprehensive services ranging from cyberthreat prevention and detection to security incident response.
Which digitalisation topics are particularly important to you?
As a cybersecurity company, NVISO places great importance on digitalisation issues that affect the security and resilience of information systems. This includes protection against cyberattacks, data security and privacy, the development and implementation of secure network architectures, and the promotion of cyber-resilience in organisations. Furthermore, it includes the management of security incidents and the response to threats, as well as the awareness and training of staff on cybersecurity practices. In this context, continuous monitoring and evaluation of the IT infrastructure also plays a crucial role in identifying and addressing potential vulnerabilities at an early stage. NVISO relies on advanced technologies and methods, such as artificial intelligence and machine learning, to detect suspicious activities and implement automated defence mechanisms.
What are the current challenges in your industry and how are you working on them?
In the cybersecurity industry, companies like NVISO face several challenges. These include the ever-increasing number and complexity of cyberattacks, the need to keep pace with rapid technological developments and the shortage of qualified specialists. NVISO addresses these challenges by continually investing in staff training to ensure the team has the latest knowledge and the best skills. The company is also heavily involved in incident response and works to be perceived as a trusted partner by organisations facing security incidents. In addition, NVISO actively researches and innovates in areas such as malware analysis and reverse engineering to stay at the forefront of the threat landscape and provide advanced solutions to its customers.
In addition to the challenges mentioned above, NVISO is also faced with increasingly stringent regulatory requirements, such as the NIS2 Directive, DORA and the KRITIS DachG, which require companies to adapt and strengthen their security measures. To keep pace with these developments, we are developing specialised consultancy services to help organisations comply with the new requirements. This includes risk assessments, implementation of security controls and compliance audits. In addition, NVISO is committed to education, offering workshops and training courses to increase awareness and understanding of the new regulatory framework. By actively participating in industry events and collaborating with other experts, NVISO promotes the exchange of best practices and contributes to the development of industry standards.
How do you expect your membership of the eco Association to support you in this regard?
As a member of the eco Association, NVISO expects to benefit from a strong network of experts and companies in the Internet industry. The exchange of knowledge and experience, access to the latest research and best practices in the field of cybersecurity are of particular importance. Through its membership, NVISO also hopes to increase its visibility and engagement in the industry to participate in important discussions about shaping the digital future.
For example, the newly launched KRITIS working group of the eco Association offers deeper insights and knowledge from other experts. This working group provides an opportunity to discuss specific challenges and solutions in dealing with critical infrastructures and to share innovative approaches. It also provides a platform for collaboration on joint projects and initiatives that contribute to increasing resilience to cyberthreats at national and European level.
What opportunities does digitalisation offer for the future?
Digitalisation offers the opportunity to develop and implement advanced defence mechanisms against threats. For example, the use of artificial intelligence (AI) and machine learning (ML) can help to detect anomalies in network traffic and initiate automated defence measures. Digitalisation also enables better networking and coordination between different security systems and actors, resulting in faster response times to security incidents. Furthermore, digitalisation allows security operations to be centralised and optimised, leading to more efficient monitoring and management of security risks. The collection and analysis of large amounts of data (big data) also makes it possible to gain deeper insights into threat patterns and develop preventive strategies.
Mr Striek, thank you very much for the interview!
Maurice Striek is part of the Cyber Strategy & Architecture team in Frankfurt. He brings strong expertise in cybersecurity strategy development, risk assessment and management, and proactive integration of security measures. Prior to joining NVISO, Maurice gained experience as a DevOps engineer and system administrator. During this time, he was also involved in the implementation of IT baseline protection, TKG and BAIT standards in the telecommunications and financial industries.