IT security: What companies should definitely do now

The Russian offensive in the digital space began some time before the invasion of Ukraine. “While cyber attacks on military target systems, authorities and institutions have been taking place for a long time, digital space only played a secondary role in the first days of the Russian war of aggression. This could change again as the war progresses, and this can have direct consequences for Germany and its economy.

Because the distances in digital space are short and the boundaries are not as clear as they should be,” explains Bitkom security expert Sebastian Artz. “There is no reason to panic, but with Russia’s war of aggression, all companies, organizations and government agencies must pay full attention and be as vigilant as possible in German cyberspace as well.”

The digital association Bitkom gives five specific tips on the preparations and precautionary measures that small and medium-sized companies in particular should take now:

1. Minimize the risks and impact of cyber attacks

Businesses should step up their overall protections. Operating systems and software must be up to date, and security updates must be installed quickly. Secure – i.e. complex and different for each system – passwords contribute significantly to increasing the level of protection. If possible, all logins with external connections should be protected by multi-factor authentication. Privileges and administration rights should be restricted for individual users and the complexity of the services used should be reduced overall. Hardening the systems in this way is advisable to protect your own infrastructure and company-sensitive data, despite the limitations in user-friendliness and productivity. In addition, the company’s own backup strategy must be checked and followed up so that all relevant company data is backed up and additional backup copies exist offline on an external data medium.

2. Clearly define responsibilities

Companies must be able to react in the event of an attack. There needs to be a clear definition of responsibilities in the security area and the establishment of appropriate contact points – both internally and with external service providers. It is important to ensure that sufficient staff are available at all times. Holiday periods or substitutions in the event of illness must be taken into account. It also makes sense to prepare yourself to be able to react at short notice even without the help of external service providers – in the event of large-scale cyber attacks, external parties could reach their capacity limits.

3. Sensitize employees

All experience shows that people remain one of the greatest security risks, but they are also a company’s guarantor of protection. All employees should be made aware of the increased risk of cyber attacks in a way that is appropriate for the target group. This includes clearly explaining potential threats and providing step-by-step instructions on how to behave in the event of an attack and who to contact. If necessary, short-term safety training can be useful. The aim is to increase vigilance in the workforce. Especially when it comes to e-mail traffic, hyperlinks and attachments should not be opened too quickly and unusual instructions should be viewed with skepticism. Very targeted and well-crafted phishing emails are also sent to companies, which means that the fake can only be detected with a few details, such as a misspelled name or an incorrect extension in the signature.

4. Create an emergency plan

In the event of an attack, the company should have an emergency plan that documents how to proceed. In addition to the technical steps that need to be taken, the plan should also include organizational points such as the contact details of the relevant contact persons in the company and the emergency contacts of the official contact points. Legal aspects such as reporting obligations in the event of data protection violations must also be taken into account. Prepared crisis communication is also part of this in order to quickly inform all relevant stakeholders such as customers, partners and the public.

5. Observe information from official bodies