Dr. Lutz Jänicke is Corporate Product & Solution Security Officer in the Digital Processes and Solutions division at Phoenix Contact and is very familiar with the widespread assumption that companies that have not yet been affected by a cyberattack believe they are safe and temporarily neglect the issue of security. Known at Phoenix Contact as "The Guardian of the Networks", one of his tasks is to ensure data security in all processes, both internally and for customers. In this short interview, he recommends necessary measures for future challenges.

Are German companies adequately prepared for potential cyber attacks and are their protective measures sufficient?

Jänicke: Preparation in companies varies greatly. Based on the current incidents at well-known automation companies, the answer can only be "obviously not". The protective measures were not sufficient. And that is not a judgment on the companies concerned. Rather, it must be assumed that very few companies have implemented sufficient measures to withstand a serious, professional attack in the long term. Current examples such as the University Hospital in Düsseldorf, which is classified as a critical infrastructure and therefore falls under the IT Security Act, demonstrate the problem.

The threat situation has worsened significantly in a very short space of time. Attack tools are being developed professionally and distributed via appropriate channels. Attackers are now more than a nose ahead.

Regardless of the budget, which three security measures should companies implement to protect themselves from cyber attacks?

Jänicke: There should be backups of all relevant data and systems. These backups must be stored offline so that they remain intact in the event of an attack. Even if care must be taken when restoring the systems to ensure that no malware gets in or gateways are open, this is the only way to restore business operations promptly, possibly to a reduced extent at first.

Attacks very often take place via infiltrated malware. Attacks via infected email attachments are well known, but are becoming increasingly well disguised. Attacks also take place via web browsers, either via gaps in the browsers themselves or via downloaded files. Accordingly, protection against malware should already be implemented in the form of virus scanners and filtering web and email gateways. Segmenting networks and restricting user rights to what is necessary helps to limit the spread and impact of malware.

The three most important measures are still: awareness, awareness, awareness. Awareness among employees to recognize phishing emails and other threats. Awareness in IT to register anomalies and initiate countermeasures.
And management awareness to provide the necessary resources for security measures.

Keyword security as a service: should the manufacturing and process industry consider managed security services?

Jänicke: Yes. Only larger companies can manage their own expertise and the effort required for good cybersecurity. And even these companies at least seek advice from specialized security service providers. Managed security services would therefore be a helpful offer, especially for small and medium-sized companies. Specialists can then focus on security issues that would otherwise only be dealt with on the side and not with the necessary quality. Because - as already mentioned - the challenges will continue to increase.