In his role as Head of Enterprise Sales for IT specialist genua, Alexander Heckl is aware of the need not only to rely on secure software systems, but also not to neglect the human interface. Heckl sees potential for optimization, which he explains in this short interview, particularly during everyday tasks, whether in email traffic or when dealing with the cloud.

Are German companies adequately prepared for potential cyber attacks and are their protective measures sufficient?

Heckl: When it comes to prevention, the maturity levels of IT security strategies vary greatly. Those who pursue a flexible, future-oriented strategy usually have the necessary know-how and the right tools. This in turn opens up greater scope for action in order to respond optimally to cyber attacks. However, how well or poorly a company is positioned also depends on the industry. Manufacturing companies or energy suppliers, for example, have been at the top of the list of targets for cyber criminals for years and should be equipped accordingly.

In fact, most of these companies also have good basic security measures in place. The question is how dynamically and purposefully this equipment can be supplemented, strengthened and kept up to date with the latest technology. This is anything but trivial, especially when you consider the increasing networking along the value chain. It is both a blessing and a curse: on the one hand, it opens up new options for connecting many players - suppliers, partners, customers - and pragmatically improving manufacturing processes, especially in the context of automation. On the other hand, this very networking increases the number of challenges for IT security.

Regardless of the budget, which three security measures should companies implement to protect themselves against cyber attacks?

Heckl: One focus of measures should be to prevent sabotage via remote maintenance access. Suitable security and monitoring functionalities are already available for all relevant interfaces. The second important area is anomaly detection, i.e. detecting and stopping attacks as early as possible. In this case, the focus is on prevention - which incidentally has not only a technological but also a human dimension. The better employees are made aware of forms of attack such as pishing or drive-by downloads, the more the entry points for cyber criminals are reduced.

The third issue is the compromise of cloud components. Typical risks arise from inadequately secured transfers of process and production data or if the cloud itself is not sufficiently protected. The use of a cloud security gateway, for example, is recommended here. Among other things, this should be equipped with high-quality inspection software and be able to decode and analyze data encrypted with TLS. This allows malware to be reliably detected and blocked before it can cause any damage.

Keyword security as a service: Should the manufacturing and process industry consider managed security services?

Heckl: Managed security services help with the points mentioned above. They can create capacity in the company to implement new protective measures and provide relief in dealing with the dynamics of networking. But here too, the service increases the number of players and therefore the IT security risks. It must therefore also be integrated into the organization and implemented in such a way that there is no potential for attack.