As it is well known that with automatization of processes, workflows and facilities in general, the risk of hacker attack is also increasing. The risk itself is currently disproportionately high. During the Corona crisis, many companies quickly switched to home office and remote access – often neglecting the security. Risk manager Markus Oswald knows where dangers lurk and what protects.
Cyber-attacks can endanger any corporation. Right now, hackers have an easy time of harming companies and extorting profits. Because: “A major weak point is home office. Employees‘ private Internet access is often insufficiently protected and is therefore easier to hack than an internal company network,” explains Markus Oswald. The problem: Due to the quick switch to working from home, the employees are often not sufficiently trained, organizational processes have not been adequately prepared and defined. Many service companies are currently overloaded with the external requests. The experienced IT risk manager at risk on mind ® shows that a hacker or a hacker group only needs a few hours to open the door to a company - for example, through the private Internet access of an employee. Then it depends on how well the second and third security layers work in the company. The damage range goes from viruses on the laptop to the decommissioning of all information technology and machine control. “If a hacker has access to the company network, he can often obtain additional access rights. Once this has been done, he can inject malware, encrypt data, switch off services and, if possible, shut down the production and use it to extort money. If the value-added chain in a company is interrupted, it takes a lot of money and time to repair the damage. In most cases, this also severely damages the company‘s reputation,” warns the cyber risk expert.
To know the risk and work against it
To be always on track, risk must be, in advance identified, evaluated and controlled in a target–oriented manner. „With systematic risk management, we can eliminate or minimize potential risks in the IT and OT structure and control the smooth implementation of the necessary security measures. This protects data, reduces the likelihood of cyber-crime incidents and reduces the extent of damage if something does happen“, advises Markus Oswald: „A residual cyber risk can be covered by cyber insurance.“
„Private employee laptops are the entry ticket for hackers to do a huge damage with minimum effort.“
Markus Oswald, cyber risk manager