Risk management

Cyber incidents are the business risk 2020!

Cyber incidents are the business risk 2020!

The biggest business risk in 2020 worldwide is cyber incidents. This refers to cybercrime and IT failures. However, data protection violations and fines also fall under the risk, which was cited as a business risk by around 40% of the 2,718 respondents. Even business interruption including supply chain interruption thus lands in second place.

Everything depends on IT – if it fails, the business comes to a standstill. Even the supply chains

Ransomware, Zero-Days and other dangers also bring risk into the digital age. Once the data is encrypted, everything happens very quickly. Careful contingency planning, e.g. with IT emergency cards, is a small set screw with the help of which the chaos can be made somewhat manageable. But also regular Awareness Trainings increase the general awareness of IT security. The accommodation of live demonstrations is recommendable. Then the danger becomes tangible for everyone.

Calculating the return on IT security investment is still a challenge in 2020. With so-called Digital Risk Management platforms, a status quo can be presented and security risks can be logged. Investments in security projects must be reflected in the overview of the systems.

In a digitalized world, offline is the biggest danger!

German engineering art captivates by meticulous precision and meticulous care. It is not a matter of “making things overnight”. In the software industry, speed is the key. In most areas, the first one on the market is decisive. Improvements can be made later. A good example is the Instant Messenger WhatsApp. It was not until a few years later that end-to-end encryption was introduced across the board. Only after the market was conquered. An insecure car would never be able to capture a significant market share.

How can the business risk be controlled in 2020?

The Allianz Risk Barometer 2020 does not itself provide any tips. In the end, everything stands and falls with careful planning, organisation and extensive testing. The motto “No backup, no mercy” still applies. In 2016, as part of the great Ransomware waves, this hard credo has established itself. Therefore a good backup strategy is essential. That backups also need to be tested, has been demonstrated by GitLab in the past. Here 5 backups were not in the state to restore the systems. The open communication and quick troubleshooting helped keep the company alive today.

But also regular awareness actions with an experiential component can help to train correct behavior. A Cyber Security Escape Room is an innovative format in such cases. But also the attachment of IT emergency cards is quick, inexpensive and helps those involved to make the right decision quickly.

Photo of author

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.