Cybersecurity Should Be a Perfect Fit

Ludwigsburg – Individual solutions in the fight against IT attacks are more effective for many companies than standard solutions – and at the same time more cost-effective.

Even though the actual number of cyberattacks on German companies is unknown due to the high number of unreported cases, the risk of becoming a victim of such an attack remains very high. NIS2, the new EU directive aimed at strengthening cyber resilience, intends to bring more clarity by introducing a reporting obligation. The biggest threats companies face include phishing, as well as attempts to penetrate their networks. Weaknesses in internet and VPN gateways and ransomware are additional sources of danger. The consequences of a successful cyberattack can be severe and, in the worst case, life-threatening for the affected companies. These range from threats by the perpetrators to publish sensitive data to completely shutting down the company or, for example, its online store. “If data no longer flows to customers or suppliers, that’s the absolute worst-case scenario,” says Dr. Jannis Stemmann, Co-Founder of CyberCompare – A Bosch Business. Together with Florian Brandner, CISO at sportswear manufacturer PUMA, he discusses in an interview the dangers of cybercrime and how to find the right provider for effective protection.

Mr. Brandner, how often does your company face attacks?

Brandner: We are targeted by cyberattacks several times a month, against which we need an effective protection system. In addition, there are countless phishing emails that are randomly sent to hundreds or thousands of companies daily.

Is it a special challenge to operate globally and have many partners?

Brandner: Yes, absolutely. We need to ensure that all the companies we work with – suppliers, partners, IT system providers – adhere to standards so that we don’t suffer a successful attack through them. Additionally, the many different regulations in various countries add complexity.

Dr. Stemmann, companies need to take action on IT security. Where there is high demand, there is usually also a wide range of options. Does this apply to solutions against cyberattacks?

Dr. Stemmann: The security market is crowded with thousands of providers, making it difficult for companies to keep track and find the right provider with the best solution. Any provider can initially claim that their product and service have certain capabilities that are suitable for the company. Unfortunately, there are hardly any independent tests to compare these products.

So how does a company find the right solution?

Dr. Stemmann: For some companies or public institutions, standardized solutions certainly make sense, but for many, individual solutions are better. So, it’s not enough to just focus on the big providers. Companies should definitely also consider small niche providers, as they are often better able to present a customized solution. Developing such solutions is extremely time-consuming because it is based on a thorough analysis of what kind of protection the company actually needs. Otherwise, the company risks buying many things it doesn’t even need.

Mr. Brandner, how did you go about finding solutions?

Brandner: First, we clarified what the company’s key assets are that need protection, and then, together with CyberCompare – A Bosch Business, we searched for the solution that offers the most effective protection. You need certain features, but not others. And based on that, you choose the solution. I think finding the right partner is a crucial step in achieving long-term success in defending against cyberattacks.

How do you get the best value for money?

Dr. Stemmann: We are confident that savings can be achieved without compromising security. Our approach, based on over 500 projects: We conduct a gap analysis of existing contracts. For new procurements, we use proven templates for performance specifications and requirement catalogs. Our anonymous request for quotes is followed by a quick technical, content, and commercial evaluation.

Brandner: People greatly underestimate the internal costs if they try to handle this on their own.

Dr. Stemmann: Exactly, savings can be used to hire more employees who can then work full-time on security. This often helps companies much more than the latest technical tool.

Press contact: Product Area CyberCompare (GROW/PAS) grow platform GmbH | PO Box 30 02 40 | 70442 Stuttgart | GERMANY
W: www.growplatform.com
M: cybercompare@bosch.com
P: +49 711 811-91494

Original content by: CyberCompare – A Bosch Business, transmitted via news aktuell Text seen on: https://www.handelsblatt.com/adv/presseportal/cybercompare-a-bosch-business-cyberschutz-sollte-passgenau-sein/29972886.html