Three strategies to successfully defend companies against cyber attacks

The number of victims of successful cyber attacks is constantly increasing. Prominent targets in the recent past have been Microsoft Exchange and SolarWinds, in addition to the Düsseldorf University Clinic and T-Mobile USA. However, the number of cyber attacks is significantly higher than these examples show.

Cyber criminals and state-backed actors are not just extorting individual financial data, as has been the case in the past, but are also penetrating critical public and private infrastructure. In doing so, they often impair the availability of everything from food to medical data. According to a report by the World Economic Forum, cyberattacks on critical infrastructure, including energy, transport and healthcare, posed the fifth highest economic risk in 2020.

Basically, this growing threat must be seen as one of the greatest dangers society is exposed to – and responded to accordingly. The measures to be taken should be comprehensive, coordinated and fast, both within one’s own organization and across companies and authorities.

In Germany, the Federal Office for Information Security (BSI) keeps an eye on the cyber situation and regularly updates the status of IT security in Germany. The current assessment of the BSI: The IT security situation remains tense to critical. But this assessment cannot be generalized, as some sectors are much more affected than others. The security situation therefore requires not only a coordinated response from society, both at corporate and government level, but also an individual approach to security requirements, because not everyone is on the same level or is exposed to the same threats.

To this end, the BSI published its new cyber security strategy in September 2021. This sets the guidelines for the coming years. Cyber security should be established as a joint task for the state, business, society and science, and the digital sovereignty of the state, business, science and society should be strengthened. In addition, the Federal Government, under the leadership of the BSI, wants to make digitization secure and make goals measurable and transparent. In addition to the appropriate planning and implementation of applications, this also requires appropriate strategies that support companies and authorities in better protecting their IT. Here are some considerations:

  1. Technology and policies should be designed to work seamlessly together.
    The lack of preparedness for cyber attacks is both a technology and policy challenge. From a technological point of view, the traditionally separate areas of IT operations and cyber security must be combined, whether in public authorities or in companies. In addition, the guidelines should create an incentive for the implementation of secure technologies. The industry association VDMA sees the manufacturing industry and the automotive industry as particularly attractive targets. Then there is the health care system. Even if there is currently still a manageable number of successful attacks, these are increasing – and often paralyze companies for six weeks or longer. This is a dangerous development for Germany as an industrial location. In the age of Industry 4.0, machine manufacturers must therefore already consider cyber security when planning their systems (security by design). Of course, this approach also applies to other sectors.

  2. Maintain a comprehensive overview of the IoT infrastructure.
    The pandemic has accelerated many changes. One of them is the transition to a predominantly digital business model. Enterprises and governments have expanded their infrastructures to the cloud, edge devices and mobile networks. This is now necessary for everything from teleworking to digital sales.

    Security was neglected in this transition and not factored in. The IT department continues to focus on the network security of the classic intranet. But threat vectors can also travel across the Internet of Things (IoT), whether through an edge node or a mobile device. This is an indication of the speed at which companies have transitioned during the pandemic to models more adapted to a digital lifestyle and the IoT.

    Another challenge: The threat situation has changed in general. Cyber criminals are interested in long-term espionage, selective information leaks, compromising public infrastructure and targeting individuals – not just extorting money by encrypting data. Responding to this new situation requires a unified, operational approach that spans the entire network of data and events.

  3. Use security practices as a competitive advantage.
    Cyber security and IT operations are usually viewed as cost centers. They are charged with compliance, governance, technology infrastructure and support. However, as cyber attacks continue to increase and become more sophisticated, organizations can use their optimized security practices as a selling point to their stakeholders.

Optimized security practices should consist of a combination of best-of-breed technologies and company policies implemented appropriately. This also includes a Zero Trust model, as well as secure cloud services, multi-factor authentication and encryption. Businesses should see these features as benefits for protecting their networks. In order to comply with the relevant guidelines, companies and government agencies should establish a three-tiered IT model that focuses equally on prevention, detection and response. In this way, threats can be combated on a large scale.

A unified system that tracks down cybercriminals in the network, detects threats and automates the response to them is of great importance. This continuous monitoring approach enables security analysts to manage attacks. It also enables you to reliably report which data has been compromised.

This is exactly where technology can help. Modern data search and visibility systems can control every component within the company infrastructure – within the network, in the cloud and on all end devices. This allows threats to be identified and remedied quickly. To do this, logs, metrics and traces are brought together in a scalable platform. This not only serves security, but also gives those responsible in the company peace of mind. In addition, it contributes positively to turnover.

Cyber attacks are becoming more sophisticated and the threat to companies is constantly growing. Therefore, it is necessary to build a robust, coordinated defense. Businesses should start within their own organization and this should ideally be continued throughout the public and private sectors. At stake is nothing less than personal health, public safety, national security and our free society.
