Cyber incidents are the business risk 2020!

M.Sc. Chris Wojzechowski

Cyber incidents are the business risk 2020!

The biggest business risk in 2020 worldwide is cyber incidents. This refers to cybercrime and IT failures. However, data protection violations and fines also fall under the risk, which was cited as a business risk by around 40% of the 2,718 respondents. Even business interruption including supply chain interruption thus lands in second place.

Everything depends on IT – if it fails, the business comes to a standstill. Even the supply chains

Ransomware, Zero-Days and other dangers also bring risk into the digital age. Once the data is encrypted, everything happens very quickly. Careful contingency planning, e.g. with IT emergency cards, is a small set screw with the help of which the chaos can be made somewhat manageable. But also regular Awareness Trainings increase the general awareness of IT security. The accommodation of live demonstrations is recommendable. Then the danger becomes tangible for everyone.

Calculating the return on IT security investment is still a challenge in 2020. With so-called Digital Risk Management platforms, a status quo can be presented and security risks can be logged. Investments in security projects must be reflected in the overview of the systems.

In a digitalized world, offline is the biggest danger!

German engineering art captivates by meticulous precision and meticulous care. It is not a matter of “making things overnight”. In the software industry, speed is the key. In most areas, the first one on the market is decisive. Improvements can be made later. A good example is the Instant Messenger WhatsApp. It was not until a few years later that end-to-end encryption was introduced across the board. Only after the market was conquered. An insecure car would never be able to capture a significant market share.

How can the business risk be controlled in 2020?

The Allianz Risk Barometer 2020 does not itself provide any tips. In the end, everything stands and falls with careful planning, organisation and extensive testing. The motto “No backup, no mercy” still applies. In 2016, as part of the great Ransomware waves, this hard credo has established itself. Therefore a good backup strategy is essential. That backups also need to be tested, has been demonstrated by GitLab in the past. Here 5 backups were not in the state to restore the systems. The open communication and quick troubleshooting helped keep the company alive today.

But also regular awareness actions with an experiential component can help to train correct behavior. A Cyber Security Escape Room is an innovative format in such cases. But also the attachment of IT emergency cards is quick, inexpensive and helps those involved to make the right decision quickly.

Photo of author

M.Sc. Chris Wojzechowski

My name is Chris Wojzechowski and I studied my Master in Internet Security in Gelsenkirchen a few years ago. I am one of two managing directors of AWARE7 GmbH and a trained IT Risk Manager, IT-Grundschutz practitioner (TÜV) and possess the test procedure competence for § 8a BSIG. Our bread and butter business is performing penetration testing. We are also committed to promoting a broad understanding of IT security in Europe, which is why we offer the majority of our products free of charge.