March 14, 2024
Leadership vs. Management, what exactly are the differences? And what is needed in both areas to meet the current challenges?
The situation report of the Federal Office for Information Security (BSI) 2022 shows: IT security in the public sector is increasingly threatened. That is why the IT security experts at ProSec not only support companies, but also authorities, municipalities and critical infrastructures (KRITIS) in building their cyber resilience. This post in the Handelsblatt reports how our penetration testers and IT security consultants proceed.
The IT security experts at ProSec monitor current cyber attacks on authorities, municipalities and KRITIS very closely. Since the beginning of the Ukraine war, the number of politically motivated hacking attacks ("hacktivism") has been increasing. The high point so far was the "first digitally-related disaster in Germany", as the Handelsblatt reports: The district of Anhalt-Bitterfeld was unable to provide services such as the payment of social assistance for more than 200 days. In the article, our founder Tim explains: "Whereas malicious hackers usually aim to pay ransom, pro-Russian hackers want a show of force."
Our co-founder Immanuel has already advised numerous municipal institutions and repeatedly makes it clear that digitization and IT security in the public sector must go hand in hand: one simply does not work without the other. Because digitization always means interfaces, which in turn represent attack vectors for hackers.
In the article in the Handelsblatt, Tim and Immanuel make it clear why they are committed to more IT security in the public sector: "Attacks on the IT of public authorities always affect people in the end." We therefore always work closely with municipalities and KRITIS such as municipal utilities, to realistically assess and efficiently improve their IT security.
The cooperation is usually divided into two phases: First, a penetration test is carried out to uncover and document all weaknesses in the organization. Our IT security consultants then support you in permanently eliminating the findings.
In our penetration tests, we act like real attackers and therefore do not limit ourselves to technical vulnerabilities. A physical security check (e.g. access to the server room) is usually checked as well as the weakest link in the chain: the human factor. Because our founders make it clear in the article: An unattended network socket is often enough for them to penetrate their customers' networks. In most cases, however, it is the "human weakness" that criminals exploit.
When IT managers in the public sector work together with experts such as penetration testers and IT security consultants at ProSec, this means more digital and real security for all citizens.
Leadership vs. Management, what exactly are the differences? And what is needed in both areas to meet the current challenges?
Should standard users in your tenant be allowed to complete an Azure App Registration? The answer is clearly “no” and this article
The bad news first: In Germany there is no central nationwide emergency number for hacked companies or authorities. That's why it is