CyberCompare spoke to Mark Sobol about IT solutions.
How would you describe SVA in 3 quick-witted words?Â
Partnership-oriented, passionate, reliableÂ
Now please introduce yourself briefly and tell us something about your background.Â
Mark Sobol has been working in the IT security environment for over 20 years. He has headed up the Cyber Security business unit at SVA GmbH since 2014 and is responsible for the company’s strategic cyber security portfolio, among other things. This includes SOC services, consulting services and other services such as incident response. In his role, he also acts as a consultant and advisor, particularly for C-level contacts.Â
What distinguishes SVA?Â
SVA is the partner for future-proof IT solutions. As an owner-managed and independent company, we attach great importance to personal exchange – from person to person at eye level.Â
How does SVA help companies?Â
Our aim is to give our customers the certainty that they are getting the best solution right from the start. Our employees are passionate about what they do. That’s why we don’t want to take the easiest route, but the best one. We support our customers from planning to operation and beyond. Our teams have the freedom they need to find solutions that will last into the future and prove themselves in the long term. The most important thing is that you can rely on SVA. Thanks to our independent way of acting, we can react flexibly to unforeseen circumstances and advise our customers in the best possible way with foresight every step of the way.Â
What do you perhaps see slightly differently to prevailing opinions in the field of cyber security?Â
SIEM is almost prescribed as a central component of a functioning attack detection system by compliance regulations. In my opinion, the role of SIEM solutions is overrated, especially because most companies and organizations cannot guarantee effective SIEM operations.Â
I think the focus on ransomware protection in recent years is excessive, as attack behavior is changing and ransomware protection will become less important in the future.
In my opinion, the importance of awareness campaigns is also overestimated. They are undoubtedly necessary and useful, but they are also only a (small) part of a holistic cyber security strategy.
 From here, individual priorities can be set that SVA would like to address.Â
Which security tool categories do you think are over- or undervalued? For example, would you invest in an NDR or an EDR system first?
See above.
In principle, I would always prefer product solutions that are categorized as protection according to the NIST Cyber Resilience Framework.Â
What’s next – what’s on your technical roadmap, what are your plans?Â
The future topics for the next few years are solutions and services that increasingly protect cloud and on-prem infrastructures in equal measure. We are also working on transforming hype topics such as Continuous Threat and Exposure Management (CTEM) and Attack Surface Management (ASM) into pragmatic solutions for our customers.Â