Please introduce yourself briefly and tell us something about your background.
My name is Timo Schlüter and I work as Business Owner Cyber Security at Arvato Systems. Having started my dual studies in business informatics at Bertelsmann in 2014, I have always seen and developed IT from the business perspective. Since 2019, I have been shaping our cyber security portfolio and advising customers in various industries. As a Business Owner in Cyber Security, I am responsible for our SOC services and Security Advisory.
What distinguishes Arvato Systems?
Our company sets itself apart from the competition by focusing on four key areas. Firstly, we offer end-to-end security, including consulting, implementation, and security operations. This ensures that our customers can focus on their core business while we care for their security needs. Secondly, we are proud to hold the highest Microsoft partnership in security. This demonstrates our extensive knowledge and experience of the latest security technologies and strategies supported by Microsoft. Thirdly, we have vast experience in critical infrastructures (KRITIS). This makes us a reliable partner for organizations working in security-critical areas and, of course, for non-KRITIS customers as well. Finally, we have expertise in SAP security. This enables us to deliver effective and efficient security solutions for the SAP systems primarily defined as crown jewels. Our broad knowledge and experience in these four areas make us a unique partner in the field of IT security.
How does Arvato help companies?
Global IT specialist Arvato Systems supports major companies in Digital Transformation. About 3,400 staff in over 25 locations stand for in-depth technology expertise, industry knowledge, and focus on customer requirements. Working as a team, we develop innovative IT solutions, transition our clients into the Cloud, integrate digital processes, and take on IT systems operation, support and security. As a part of the Bertelsmann-owned Arvato Group network, we have the unique capability to work across the entire value chain. Through our strategic solid partner network with global top players such as AWS, Google, Microsoft, and SAP, we continuously strengthen our know-how and leverage the most advanced technology.
What do you see differently from prevailing opinions in cyber security?
Most organizations often perceive managed SIEM as the right solution for them, but this is rarely the case. Instead, managed SIEM should not be seen as a universal solution, but rather as a sensor for specific scenarios when a platform-based XDR approach is not possible.
The implementation of a managed SIEM requires several steps. A large volume of log data from various sources must be processed. In addition, you need to develop your own use cases or correlation rules or adapt those of the manufacturer. Another problem is that managed SIEM often has inadequate or no response capabilities. It is, therefore, essential to know the requirements and limitations of managed SIEM before seeing SIEM as a panacea and implementing it at great expense.
Which security tool categories do you think are over- or undervalued? For example, would you invest in an NDR or an EDR system first?
The answer to an overrated security tool category can be found in the previous answer.
I would recommend investing in an EDR system first, as it offers the best price-performance ratio for both servers and workstations and covers significantly more attack techniques than an NDR.
What’s next – what’s on your technical roadmap, what are your plans for 2024 and beyond?
OT security and SAP security are, in my opinion, the main drivers in the coming years. We have already secured the first customers well in this area. However, we still see a lot of potential here, as customers’ awareness of the need to become active in this area is often only developing.
If you could send an email to all CISOs to address a security issue, what would you choose?
Cybersecurity must be viewed as a holistic concept, so focusing on just one security issue is not enough. Although it is important to start by raising employees’ security awareness, it is only by taking a holistic view of all areas (workstations, data centers, identities, cloud, business applications such as SAP, OT, governance compliance, etc.) that it is possible to position oneself in line with the current threat situation.