IT security in the public sector: How professional hackers protect authorities and KRITIS

The situation report of the Federal Office for Information Security (BSI) 2022 shows: IT security in the public sector is increasingly threatened. That is why the IT security experts at ProSec not only support companies, but also authorities, municipalities and critical infrastructures (KRITIS) in building their cyber resilience. This post in the Handelsblatt reports how our penetration testers and IT security consultants proceed.

Table of Contents

IT security in the public sector: Current threat situation

The IT security experts at ProSec monitor current cyber attacks on authorities, municipalities and KRITIS very closely. Since the beginning of the Ukraine war, the number of politically motivated hacking attacks ("hacktivism") has been increasing. The high point so far was the "first digitally-related disaster in Germany", as the Handelsblatt reports: The district of Anhalt-Bitterfeld was unable to provide services such as the payment of social assistance for more than 200 days. In the article, our founder Tim explains: "Whereas malicious hackers usually aim to pay ransom, pro-Russian hackers want a show of force."

Our co-founder Immanuel has already advised numerous municipal institutions and repeatedly makes it clear that digitization and IT security in the public sector must go hand in hand: one simply does not work without the other. Because digitization always means interfaces, which in turn represent attack vectors for hackers.


Would you like to lead by example?
Get to grips with IT security now! We advise you in detail.
Talk to experts now

More citizen protection through realistic penetration tests

In the article in the Handelsblatt, Tim and Immanuel make it clear why they are committed to more IT security in the public sector: "Attacks on the IT of public authorities always affect people in the end." We therefore always work closely with municipalities and KRITIS such as municipal utilities, to realistically assess and efficiently improve their IT security.

The cooperation is usually divided into two phases: First, a penetration test is carried out to uncover and document all weaknesses in the organization. Our IT security consultants then support you in permanently eliminating the findings.

In our penetration tests, we act like real attackers and therefore do not limit ourselves to technical vulnerabilities. A physical security check (e.g. access to the server room) is usually checked as well as the weakest link in the chain: the human factor. Because our founders make it clear in the article: An unattended network socket is often enough for them to penetrate their customers' networks. In most cases, however, it is the "human weakness" that criminals exploit.

When IT managers in the public sector work together with experts such as penetration testers and IT security consultants at ProSec, this means more digital and real security for all citizens.


Be safe!
The first step: taking stock with a penetration test.
For the penetration test

Table of Contents