Dear Mr. Schreiber, how would you describe SySS in 3 quick-witted words?
Quality-conscious, quick, specialized.
Please introduce yourself briefly and tell us something about your background.
My name is Sebastian Schreiber. I studied computer science in Tübingen and founded SySS GmbH during my studies 26 years ago, specializing in penetration testing.
What distinguishes SySS from other providers?
Quality-conscious, quick, specialized.
How does SySS help other companies?
With our penetration tests, we identify vulnerabilities in companies’ IT systems, web applications and software, as well as in tools and electronic components. This enables our customers to eliminate their security vulnerabilities.
What do you see differently from prevailing opinions in the field of cyber security?
Interesting question! I’m not a fan of additional cyber security tools on top of what the operating systems already provide. The reason for this is relatively simple: the root of many problems in the area of IT security is the great complexity of the systems and the high degree of interconnectedness of their components. The idea of addressing this problem by installing additional tools is counterproductive. Additional tools usually run with particularly high rights and usually communicate with the Internet. This not only increases complexity even further; it also increases the attack surface for hackers and therefore the risk of successful attacks.
How has SySS developed over the last 26 years?
Let me answer with some facts: Since 1998, our workforce has grown to over 180 employees. We now have three branches in Germany (Tübingen, Frankfurt/M. and Munich) and a subsidiary in Vienna. Of course, our services have also developed and diversified considerably. In addition to our core area, penetration testing, we now also have departments for red teaming, as well as digital forensics and incident response. We also offer more consulting services today than when we started. Awareness is also a much bigger topic than it used to be – think of phishing of all kinds or social engineering. Our training courses and live hacking events are booming accordingly.
What’s next – what’s on your technical roadmap, what are your plans for 2024 and beyond?
We invest a lot in AI. Recently, I granted my Head of Research & Development tens of thousands of euros for graphics cards to make us even more effective in penetration tests. If we speed up and parallelize steps that can be automated, we have more time for the creative work that makes a good pentest in the first place.
If you could send an email to all CISOs to address a security issue, what would you choose?
Dear CISOs, my advice to you is: base your cyber security strategy on the real, concrete threats. To identify these, carry out regular penetration tests. This will ensure that your cyber security continuously improves and the security loopholes in your systems are closed.
Find out more about SySS GmbH in the Provider Directory.
