Public Sector IT Security: How Professional Hackers Protect Government and CRITIS

The status report of the German Federal Office for Information Security (BSI) 2022 shows: IT security in the public sector is increasingly under threat. That is why the IT security experts at ProSec support not only companies, but also public authorities, municipalities and critical infrastructures (CRITIS) in building their cyber resilience. This article in Handelsblatt reports on how our penetration testers and IT security consultants go about this.

Table of contents

IT Security in the Public Sector: Current Threat Situation

The IT security experts at ProSec are closely monitoring current cyber attacks on public authorities, municipalities and CRITIS. This is because the number of politically motivated hacking attacks ("hacktivism") has been increasing since the start of the Ukraine war. The high point so far was the "first digitally induced disaster in Germany," as reported by Handelsblatt: The district of Anhalt-Bitterfeld had been unable to provide services such as paying social welfare for over 200 days. In the article, our founder Tim explains: "While malicious hackers usually aim to pay a ransom, prorussian hackers are interested in a show of force, i.e. a demonstration of their own strength.

Our co-founder Immanuel has already advised numerous municipal institutions and repeatedly makes it clear that digitization and IT security in the public sector must go hand in hand: One simply cannot work without the other. After all, digitization always means interfaces, which in turn represent attack vectors for hackers.

 

Would you like to set a good example?
Tackle the topic of IT security now! We advise you in detail.
Talk to experts now

More citizen protection through realistic penetration tests

In the Handelsblatt article, Tim and Immanuel make it clear why they are committed to more IT security in the public sector: "Attacks on the IT of public authorities ultimately always affect people." That's why we always work closely with municipalities and CRITIS, such as public utilities, to realistically assess and efficiently improve their IT security.

The collaboration is usually divided into two phases: First, a penetration test is conducted to uncover and document all of the organization's vulnerabilities. Then, our IT security consultants support you in sustainably remediating the findings.

In our penetration tests, we proceed like real attackers and therefore do not limit ourselves to technical vulnerabilities. A check of the physical security (e.g., access to the server room) is usually checked as well as the weakest link in the chain: the human factor. After all, our founders make it clear in the article: an unattended network socket is often enough for them to penetrate their customers' networks. In most cases, however, it is the "human vulnerability" that criminals exploit.

When public sector IT leaders work with experts like the penetration testers and IT security consultants at ProSec, it means more digital and real-world security for all citizens.

 

Ensure safety!
The first step: taking stock through a penetration test.
To the penetration test
OTHER CONTRIBUTIONS

Table of contents

Do you want to be part of our team?