Risk precautions are supposedly just as unwelcome as health precautions. But they are just as important! Various studies prove: Attacks on IT systems and applications are increasing significantly. The consequences are financially devastating.

At the beginning of the year, Michael Kroker set a record for the number of hacker attacks on organisations’ systems and information. According to the “Cyberthreat Report 2022” by colleagues from Acronis, 220 billion euros in damage were caused last year.

Hacker attacks increasingly also on critical infrastructures

What is striking when you follow the media and information portals: The attacks are no longer targeted only at corporations. But they have long been threatening small and medium-sized companies as well as providers of crucial infrastructures such as hospitals, police, public authorities, and wind power plants. Suhl’s town hall, for example, had to briefly pause operations in March. The access to the town council’s digital data and systems was no longer permitted after a cyber attack. And just recently in April, Donau-Stadtwerke became the subject of an attack after a wind turbine operator in Bremen had previously been hacked.

The threatening situation for companies and organisations as possible targets for data and information theft through phishing, malware or ransomware (blackmail with the help of data encryption or theft) is becoming ever greater – with a rising trend.

Risk provisioning for data and information security is a matter for the Executive Board

Responsible people and decision makers are therefore urged to act. In addition to economic consequences, software and system failures as well as data loss are at risk – in the worst case, even legal implications. Particularly in the case of ransomware attacks, the data hijackers are increasingly threatening to publish data. This can result in a considerable loss of trust and credibility for companies and the named operators of critical public infrastructures.

Thus, you are called to act proactively – and should bring IT security to the core of your information architecture. The fact is: within the context of risk prevention, you as a manager are responsible for risk management.

But what can you do to protect yourself? We advise you holistically with regard to an information security strategy. Our Vulnerability Scanning & Penetration Tests help to uncover vulnerabilities before an attacker does. In addition, training courses and courses run by our cooperation partner mITSM help to raise your employees’ awareness of information security. Through information and education, you reduce the risk of your teams falling for malicious content in emails, chats or other communication tools and thus opening the gates to your IT systems for malicious intruders.


photo credit: thomas vanhaecht

More articles

Detect threats with a SIEM system A security information and event management (SIEM) system is a powerful solution that helps organisations detect, monitor and respond to threats to their information security. It enables the centralised...
In discussions with customers and interested parties, we are repeatedly confronted with the statement that security investigations (penetration tests and vulnerability scans) are not necessary in cloud scenarios because the cloud provider (e.g. Amazon Web...
Did you know that numerous ISO standards are largely harmonized with regard to their core structure – chapters 4 to 10? This is true for the international standards for quality management – ISO 9001 –...