IT security is one of the topics upon which eco has been working intensively over the past number of years. In addition to various eco initiatives, the association also offers first-hand expert knowledge through its Safety & Security Tour. Peter Meyer, Head of eco Cyber Security Services, explains how important the topic should be for every company.
Mr. Meyer, from what you have observed, would you say that digitalization is also altering digital threats?
Yes, without a doubt. Side by side with the rapid advances in digitalization, we are also witnessing a concurrent change in digital threats. A prime example of this is the Mirai botnet, which is comprised mainly of IoT devices and which is growing in parallel with the rise of Internet-capable devices.
The growth of crypto currencies such as Bitcoin has in turn led to a new type of malware, crypto mining. This “mines” Bitcoins in the background on private computers. On top of this threat, digital bank robbers whose particular target are Bitcoin Wallets are also gaining in number. This targeted approach seems to be more lucrative than phishing.
Where do you see the most acute requirement for companies?
The greatest risk for a company is still its employees, which means that relying solely on technical protection against cyber attacks can be highly reckless.
We therefore advise companies to regularly promote their employees’ awareness of IT security. In this regard, it is worth noting that targeted malware and phishing attacks on personnel from the HR or accounting departments have proven to be particularly successful in the past.
What optimization and automation potentials are available?
At this point in time, I would think that companies have come to recognize the importance of IT security. The protection of a company’s own infrastructure should thus be a Nr. 1 priority. IT security should also always play a decisive role in future investments.
Companies should also consider purchasing cyber insurance policies that mitigate damage. An important selling-point for cyber insurance is the security audit. Here, the IT security infrastructure of a company is thoroughly checked in advance, so that possible weak points can be detected – points about which the company itself may not even be aware.
What awaits visitors to the “Safety & Security Tour”?
I believe that visitors to the Safety & Security Tour will get an interesting first-hand insight into the world of IT security. With the companies and speakers that we have lined up, you can be assured of a high quality event.
At the events in Frankfurt and Munich, I’ll be there in person to offer an insight into our latest SIWECOS security project. SIWECOS checks websites for possible weak points and notifies the site owner in case of a find.
The project, which is funded by the German Federal Ministry for Economic Affairs and Energy (BMWi) as part of the IT Security in Business campaign, is being carried out in cooperation with the Ruhr-Universität Bochum, CMS Garden, and the start-up firm Hackmanit.
