From mountain to molehill - countering cyber threats with preparation

Focus on challenges, solutions and the future of cyber security

Highlights, Tech // Eva-Maria Cromm // Mar 21, 2024

Cybersecurity is not just a buzzword, but an ever-growing battlefield in the digital world and has long been a billion-dollar business for hackers. In an exclusive interview with our colleague and cyber security expert Eugenio, we delve into the world of cyber security and find out how companies can protect themselves effectively.

Eva-Maria Cromm, Tallence Editorial Team:
Hello Eugenio! It's great that you're talking to us today about current challenges and solutions in the field of cyber security. An omnipresent topic with a media presence. Let's take a current case as an example: 4 weeks ago, a cyber attack paralyzed the website of Copenhagen Airport. According to media reports, it was a distributed denial of service attack, known as a DDoS for short, in which hackers deliberately overload websites with a large number of requests. Nothing worked on the website of the Danish capital's airport.

Eugenio Carlon, Head of Cyber Security:
Hello Eva, thank you very much for the opportunity to talk about this important topic. And indeed, the hacker attack in Copenhagen is an alarming and tangible example of the real threat that companies face today. Even though the airport operator was able to switch to other channels - they provided information about the incident via their Facebook page and advised passengers to use alternative communication channels such as their own smartphone app - the damage was considerable.

Eva:
In this case, a great advantage of media diversity if companies and organizations can inform their customers via more than one medium. But isn't it also a risk, as it offers a broader attack surface? After all, all channels must also be protected.

Eugenio:
That's right in principle. We now live in a highly networked world in which dependence on digital systems and services is constantly growing. Therefore, companies of all sizes and in all industries must also be aware that they are potential targets for cyber attacks, which are naturally directed at all sensitive locations. IT security starts at the workplace of each individual employee. After all, what good is the best firewall if employees are not adequately trained and are subsequently insecure, for example when dealing with phishing emails, and then carelessly open links that can cause major damage.

Companies must create awareness and always understand cyber security as a holistic task, taking into account all their media and internal points of attack.

 

Eva:
What role does the size of a company play? Are larger companies more at risk?

Eugenio:
Hacker attacks like the one on the Copenhagen airport website clearly show that cybercrime is a serious threat that doesn't just affect large organizations. Smaller companies are also increasingly being targeted. And there are reasons for this: Larger companies often protect themselves better, so hackers shift their focus. Smaller companies tend to think "Let's not make a mountain out of a molehill. We're small and insignificant, nothing will happen to us." And that is of course fatal, fundamentally wrong and extremely dangerous. We absolutely emphasize the urgency for companies of all sizes to adequately protect their IT infrastructure and proactively defend themselves against threats of this kind. We help them do this because it's about making a mountain out of a molehill - for companies of all sizes.

 

The topic is serious and we will not stop emphasizing the importance and scope of cyber security. If you take a look at the market figures, you will see that they have been increasing linearly and continuously for years. The volume of investment in hardware, software and security services has more than doubled in the last 8 years and can be projected to total over 7 billion euros this year, with the trend continuing to rise. This contrasts with the damage caused, which is mainly due to data theft, industrial espionage or sabotage. However, the upward curve is steeper, as the quality and quantity of attacks on companies has changed dramatically in recent years. Ransomware against companies to extort money, DDoS attacks, as in the Copenhagen case, mostly against state organizations and attacks on the supply chain to gain access to corporations and public institutions are on the rise. In addition to global wars and terrorist attacks, the main drivers of cyber security growth are advancing networking. Digitalization has turned out to be a real business enabler for hackers, and the amount of damage last year was over 200 billion euros. In addition to the damage to IT systems, associated downtime and loss of sales, the damage to our image with customers and suppliers is particularly negative and can be high.

Nevertheless, this should not deter or even paralyze us, but rather provide an incentive to arm ourselves further and position ourselves securely. We have all the means at our disposal to do this sustainably.

Statista

Eva:
Let's go into more detail about that, because it sounds really alarming. What are the steps that Tallence advises and advises companies to take to better protect their digital data?

Eugenio:
Basically, at Tallence, as a consultancy, we look at the big picture. Our aim is to help customers and provide them with the best possible solution. This means that we look at each initial situation individually, base our advice on their needs and then derive the right steps to take. We talk about information security consulting and carry out projects with customers, taking into account ISO and BSI IT baseline protection, among other things, right through to operational support.

Eva:
So it's a holistic approach. What specific steps and results can companies expect from Tallence?

 

Eugenio:
In addition to overarching information security consulting, we look at IT security to consider a company's entire IT infrastructure from a security perspective and implement appropriate protective measures. Tallence develops design and architecture concepts that ensure that companies are protected at a technological level. We also offer anti-DDoS services to mitigate, block or prevent network overload attacks.

Cloud security is another important area, especially as many companies are now using cloud services. Here, we support companies in protecting their data in the cloud from unauthorized access and meeting compliance requirements. This includes implementing and configuring security solutions in the cloud to identify and address potential vulnerabilities. We also offer C5 testing services to verify the effectiveness of security measures in the cloud.

Eva:
In preparing for our topic today, I researched a term or two. So I know that C5 testing refers to testing and certification under the "Cloud Computing Compliance Controls Catalogue", or 5 x C.

Eugenio:
Yes, exactly. C5 is a catalog of security requirements for cloud service providers in Germany that was developed by the German Federal Office for Information Security (BSI). These tests relate to various aspects of cloud security, such as data protection, compliance and data security. Companies that offer cloud services can position themselves as trustworthy providers through successful C5 testing, especially with regard to customers and organizations that have strict compliance requirements.

We help our customers to secure the cloud environment itself as well as specific cloud services. We pay particular attention to container workloads in the serverless environment or container orchestration with Kubernetes. Thanks to our many years of experience and "Kubernetes Certified Security Specialist" certified employees, we find the right secure solution for our customers' specific use cases.

 

Eva:
Let me come to another keyword: Secure Digital Identities. Once individual cards in sacred card index boxes and now ... the world has turned. But personal data is still a major asset that needs to be protected, and this applies to the data and access rights of employees, external persons and, of course, customers. In addition, there are authorizations that are stored in the system and need to be set up and managed securely there, right?

Eugenio:
Secure digital identities are of crucial importance for companies. Nothing has changed in this respect. However, the methods and possibilities have. The right system helps companies to ensure the security of digital identities. We support customers in selecting suitable identity management systems and identity access management systems, or IDM and IAM for short. Because one system is not the most suitable for everyone. We support customers during implementation and project management. Here, too, we develop tailor-made solutions for holistic customer identity and access management, in which the security of the individual identity-centric solutions environment plays a central role.

 

I would also be happy to describe our approach in concrete terms. After all, the challenges in identity management are many and varied. The questions are often whether and how it can be ensured that authorizations are immediately adjusted or withdrawn when employees' tasks change or they leave the organization, or how time-consuming it is to prove adherence to legal and regulatory compliance requirements. As part of identity management, we offer the planning and introduction of an automated identity management system that ensures the transfer of internal employees from the existing HR systems and regular reconciliation between IDM and HR. The central recording and management of external employee data is another building block. This is always accompanied by the definition of roles and associated authorizations, as well as role-based authorization management. Ultimately, we can enable a digital workflow for requesting and approving additional required authorizations and also create automated provisioning and deprovisioning of user accounts and authorizations in applications and systems.

As a matter of principle, we pursue a neutral consulting approach that is process-oriented and not vendor-driven. The first step is to analyze the legal, regulatory, contractual and operational requirements, which we use as a basis for recording, coordinating and consolidating the objectives of identity access management. We then look at the identification of identities, authoritative sources and systems, define the scopes with regard to identities and target systems as well as the processes to be covered. We analyze and weight the requirements and ultimately provide support in the selection of a suitable IAM system.

As part of the process, our services always include the development of security concepts and training programs to raise employee awareness of the risks of cyber threats.

Eva:
That sounds extensive and complex. You just mentioned raising awareness among employees and also mentioned phishing at the beginning. Whether in business or at home, we have become accustomed to spam and we all believe that we can easily separate the wheat from the chaff in the many emails that arrive every day. But appearances are deceptive, aren't they? How good are we at reliably distinguishing between good and bad here, and thus protecting ourselves and company data?

Eugenio:
There is still a lot of catching up to do in this area. That's a great keyword to add a few of our top ten tips on the topic of "secure Internet". After all, many serious mistakes can be avoided if you are educated and vigilant in protecting your digital life. The first and most important point is: think first, then click. Users must be made aware not to open unknown links or attachments in order to protect themselves from phishing attacks, as they can avert most disasters from the outset.

 

We must not lose sight of this: Artificial intelligence is not only helpful support for us normal people with positive intentions in what we do in our private and business lives. AI is also a great tool for hackers. They enrich the bots with information and facts, create profiles of people and institutions and automatically generate emails that combine professional aspects in the content with a privately triggering hook, and then you click on it. The emails are so perfidiously clever and good that they are unfortunately all too often successful in a negative sense.

Eva: 
Means AI is playing into the hands of hackers. That's worrying.

Eugenio:
Absolutely. When executing code, the dark net flourishes. That's why it's all the more important to be critical and not be guided by emotions when reading the email subject line: Think first, then click. So simple, so important. Another tip is a lean approach to user rights. It doesn't always have to be admin rights. Sensible restrictions can minimize potential damage caused by malware and unauthorized access. And then there is multifactor authentication, or MFA for short. A really effective tool. You significantly increase the security of accounts by activating MFA. After all, security should never depend on just one factor, right? 

Eva:
Clear point for you. And not only that. Ultimately, the advantage and benefit for the users and companies that follow the advice.

Eugenio:
We like to engage in intensive discussions with our customers. It's often not the really big, complex issues, but the many smaller adjustments that make systems more secure.

Eva:
That's a good closing remark, Eugenio. And at the same time a call to take small and larger steps towards security in the company now. Thank you very much for the interview!

// Contact

Eugenio Carlon

  • Head of Cyber Security

At a time when digital risks are growing inexorably, it is crucial that companies and individuals are not just reactive, but proactive. Experts like Eugenio and his team ensure that our clients are best placed to meet the challenges of the cyber world with knowledge, system security and determination and peace of mind.

Feel free to use the contact form to ask us the question you may have missed the answer to here. We look forward to exchanging ideas with you!