Immanuel Bär @ wfg Podcast: 3 tips for cyber resilience in companies

The damage was 203 billion euros Economy in Germany in 2022 due to cyber attacks – this is the current conclusion Report from Schwarz Digital. Economic development must therefore also include the promotion of cyber resilience. The Westerwaldkreis Economic Development Association (wfg) also knows this. The wfg podcast “Highlights” therefore had our co-founder Immanuel Bär as a guest to support SMEs on the topic of cyber security. The conversation resulted in 3 concrete tips that every company can implement.

Table of Contents

Immanuel Bär in the wfg podcast: Cybersecurity through corporate culture

IT security must be a top priority

Cyber ​​security often only becomes a real top priority once something has already happened.

ProSec co-founder Immanuel Bär

Immanuel Bär

Co-Founder ProSec

“Actually everything is very simple and actually everything is very obvious, but not yet so present in everyday life” – this is how interview partner Katharina Schlag summarizes her perception of IT security in the professional and private environment. This also corresponds to Immanuel Bär's experiences: Cyber ​​security only becomes a real top priority in many companies “when something has already happened”. This could be the case either directly through an acute incident in the company itself or indirectly through incidents in the supply chain. In these cases, a crisis team must be formed; it may not be possible to produce or work as usual.

Unfortunately, Immanuel Bär rarely experiences real intrinsic motivation to take care of the issue of IT security. Often it is only an incident or external regulatory circumstances that drives those responsible to call in expert teams such as ProSec. This is the case Early work on your own cyber resilience on your own initiative "economically the smartest and cheapest”, Immanuel makes clear in the conversation.

Report without fear of punishment

For cyber security to work, it must have a fixed place in the corporate culture and not be relegated to the back burner as a necessary evil. But another aspect is also of crucial importance, as Immanuel Bär emphasizes in the wfg podcast: If a team member has clicked on a suspicious link or accidentally disclosed data, the person must be able to report this to their superiors without fear of punishment. Conversely, superiors must react sensitively to such reports.

What can managers do now to strengthen their company's cyber resilience? This is what a wfg seminar series is about, in which Immanuel Bär also shares information and best practices from his many years of experience with ProSec:

Days

Save the date

Keynote speech “Digitization – like awareness of the problem
becomes the best protection” by Immanuel Bär

When? Friday, 15.12.2023/XNUMX/XNUMX

Where? Hotel Deynique (Hilserberg 20, Westerburg)

Details? The website of the wfg

Security Awareness: Think before you click

“User awareness” is a term that you inevitably come across again and again in connection with IT security. However, Immanuel prefers the term “Security Awareness” because it gets to the heart of the matter better and does not place blame on users across the board. Because he is fully aware of this: he himself could be hacked with the right social engineering attack at the right moment.

“We need security awareness that claps.”
Immanuel Bär
Co-Founder ProSec

So how can companies create security awareness in their teams that doesn't wear out or is only processed pro forma? Immanuel formulates his solution with a laugh: “Security awareness that claps.” What do you mean with that? Immanuel explains that at Awareness, he and his team rely less on abstract lectures and more on real experiences. That's why our penetration tests often include social engineering campaigns, in which our pentesters, for example, send simulated phishing emails to the company's mailing list.

“Only when you sit in front of the computer and it really happens do you get the pulse you need to REALLY understand it,” says Immanuel, summarizing the basic idea. The employees are then not left alone with their experiences, but rather, for example, in the context of a highly individual presentation with concrete examples from the campaign, they are comprehensively informed and advised on how they can protect themselves from real attacks of this type.

How do I achieve real security awareness?
Find out about holistic penetration testing.
To our pentest service

Emergency plan: Hacked, what to do?

One thing is clear: there can never be 2023 percent security on the Internet. Nevertheless, in XNUMX no one will have to be completely paralyzed by a cyber incident, emphasizes Immanuel Bär in the wfg podcast. The right preparation is everything: In addition to measures for greater cyber resilience, it is crucial to have a (tested) emergency plan in your pocket.

For companies that don't yet have such a contingency plan, Immanuel and the podcast hosts have some tips:

What measures can I use to efficiently achieve good cyber resilience?
We advise you personally and individually!
Contact us now
DIVIDE
OTHER CONTRIBUTIONS

Table of Contents