Dear Mr. Lammerich, how would you describe the Certified Security Operations Center GmbH in 3 quick-witted words?
Innovative, for small and medium-sized companies, transparent
Please introduce yourself briefly and tell us something about your background.
My name is Joerg Lammerich, I am 58 years old and I am the managing director of the Certified Security Operations Center GmbH. I have been working in the industry for around 30 years and have a very technical background. In my career, I have focused on hardware and software development and have obtained various certifications such as ISO27001 Auditor and OSSTMM Professional Security Tester. Around 10 years ago, together with a colleague, I started to develop the brand known today as ‘CSOC’ and the associated MDR/SOCaaS technology. We wanted to create a solution that did not follow the mainstream, but on the one hand gave the SME environment the opportunity to protect itself against cyber attacks and on the other hand also fitted into the budget of these companies.
What distinguishes the Certified Security Operations Center GmbH?
Our service and the technology we use have been developed by SMEs for SMEs. We do not use standard products from current manufacturers, but have spent around 10 years developing a solution that is perfectly customized for SMEs. It is important to us to integrate our customers’ existing security systems in the best possible way and to supplement and enhance them with our solution to create a holistic concept. With our 24/7 control center, we offer our customers certified analysts who evaluate incoming reports with advanced tools and AI support and intervene in the event of an incident. One of our main tasks is regular routine data analyses and threat management. Both areas are proactive investigations and analyses that enable us to identify and respond to new threats at an early stage. Last but not least, we are characterized by transparency in terms of prices and service, which we believe is one of our USPs.
How does Certified Security Operations Center GmbH help companies?
We help companies with the massive challenge of protecting themselves against the effects of cyber attacks in the best possible way. It is important for us to become part of the customer’s IT team, because only together do we have a real chance of meeting this challenge. Customers’ often limited resources in the area of cybersecurity are often a problem that we help them solve. Our service provides the customer with significant support in overcoming this challenge and, above all, in fulfilling legal and other requirements such as Attack Detection Systems in the KRITIS environment, NIS2, DORA and TISAX.
What do you see differently from prevailing opinions in the field of cyber security?
By using our own solution, we are often faced with the statement that we are dealing with the ‘world market leader’ in comparison or that our solution cannot be as good as the solution of ‘well-known’ manufacturers. In various comparisons with mainstream products, we have often shown that our solution is absolutely equivalent and even slightly more innovative in some areas. This statement is backed up by the number of around 210,000 systems that we monitor worldwide.
Then, of course, there is the hype topic of ‘AI’.
‘AI’ does represent a serious threat on the attacker side, but I don’t share the supposed ‘helplessness’ portrayed. ‘AI’ is neither the absolutely massive threat, nor the panacea for everything that we cannot grasp properly. ‘AI’ can help us to become faster and better because it can relieve us of routine tasks and thus free up time for important issues. Especially in the control centre environment, the use of ‘AI’ can help to make processes faster and more efficient. But the emphasis here is on ‘can’.
Which security tool categories do you think are over- or undervalued? For example, would you invest in an NDR or an EDR system first?
The question cannot be answered with one tool category or another. The correct answer to this question is ‘it depends’. It depends on which technologies and structures are to be monitored. IT and OT, for example, differ massively here, so the challenges are very different. It is therefore important to understand the customer infrastructure in advance in order to assess which measures are sensible and, above all, necessary.
What’s next – what’s on your technical roadmap, what are your plans for 2024 and beyond?
At the top of our roadmap is the further development and continuous improvement of our existing technology. The second important point we are pursuing is our ‘Tenant technology’, which allows partners and customers to operate our technology with their own control center. We have already made a successful start to internationalization based on this technology by putting a control center into operation in Greece for the local SME sector. Other countries will follow soon.
If you could send an email to all CISOs to address a security issue, what would you choose?
In my view, the biggest problem is still, as it has been for years, the sluggish or non-existent patch management. Let’s briefly return to the topic of ‘AI’. New threats have developed here that most of those responsible are not aware of. When a manufacturer (e.g. Microsoft) publishes a patch, attackers have the opportunity to analyse the patch in minutes by using ‘AI’ and immediately generate malware that exploits the vulnerability to be patched. Patching as quickly as possible is therefore more important than ever. Arguments such as no resources or the fear of faulty patches should not take centre stage. As far as I know, the damage caused by faulty patches is only a fraction of the damage caused by successful exploitation of vulnerabilities.
Certified Security Operations Center GmbH is part of the Provider Directory.