According to the RSA Fraud Report for the first quarter of 2020, the coronavirus pandemic played into the hands of online fraudsters who took advantage of uncertainties triggered by Covid-19. Phishing emails and malware masquerading as coronavirus trackers were among the popular machanisms used in attempts to defraud and attack.

For Ingo Schubert, Principal Consultant at RSA Security, his daily challenges include managing organizational risks, securing access to internal company resources and protecting virtual infrastructures and cloud environments.

Are German companies adequately prepared for potential cyber attacks and are their protective measures sufficient?

Schubert: Many companies in Germany are not sufficiently prepared for cyber threats: Many companies cannot ensure adequate protection of their IT environment against cyber attacks and cannot reduce digital risks to an acceptable level. This is often due to insufficient or misguided investments in this area. If companies consider their IT environment to be protected by a firewall and VPN access alone, they are just as mistaken as those who focus their security primarily on their end devices with endpoint security solutions.

Regardless of the budget, which three security measures should companies implement to protect themselves from cyber attacks?

Schubert: In general, measures in three areas are equally important: The protective measures, a detection of attacks and risk management. The basis for all three security measures must be a plan that specifies what to do if a cyber attack occurs - and this emergency is highly likely to happen.

As a rule, however, potential cyber attacks are only checked rudimentarily and attackers therefore remain undetected by the affected company for a very long time.

When such an attack is detected after some time, the confusion is often great and a risk assessment of the impact is not possible. This is due to the fact that in the past, IT managers focused primarily on prevention and neglected other areas:

The security categories of protective measures, detection and risk management must be given roughly the same priority. Strong authentication, efficient network monitoring with additional log management and a solid GRC tool are technical solutions that should be mentioned here.

Keyword security as a service: should the manufacturing and process industry consider managed security services?

Schubert: Apart from a few special cases, it would be foolhardy to ignore MSSPs.

MSSPs not only offer the opportunity to operate a security service more cost-effectively than a company could do itself, but MSSP providers can also assess and respond to threat situations more effectively, as they manage the security of IT infrastructures of various customers from numerous industries. In this way, threats and trends can be identified more quickly and responded to for the benefit of the customer.