Cybercrime is on the rise. The threats and attacks from malicious hackers are becoming more diverse, complex and dangerous. For corporate IT security, this is becoming a formidable challenge. Software solutions for targeted cyber risk management promise to help.
Cyber attacks are becoming an increasingly serious threat to companies of all sectors and sizes. The range of newly discovered computer viruses and malware variants is increasing at an alarming rate. In particular, the drastic increase in ransomware attacks is worrying IT security experts. Once the malware has managed to penetrate the company network and infect computers, the damage it causes can assume enormous proportions. Ransomware encrypts the files on the hard disk of the compromised system and locks it. As a result, users are denied access to important data, which can completely paralyse both business processes and production workflows in companies. In order to restore business continuity and avert greater damage, those responsible often have only one way out: they pay the ransom demand generated by the ransomware and can thus access the systems again.

Threat potential higher than ever
The current report on the state of IT security in Germany by the Federal Office for Information Security (BSI) shows how serious the situation is. According to the report, the already high threat potential increased further in 2022 and has now reached unprecedented levels. For example, as a result of a ransomware attack on a district administration in Saxony-Anhalt, services close to the citizens were not available or only available to a limited extent for 207 days. In addition, the report shows more than 20,000 newly discovered vulnerabilities in software products for the year 2021, which corresponds to an increase of ten percent compared to the previous year.
The current threat situation is not usually caused by the technologies themselves, but rather by the people who work with them. For example, some employees in companies use extensive shadow IT structures. Although these often prove to be more convenient, they are significantly more vulnerable to cyber attacks than the officially provided IT resources. In addition, many employees are very careless with their passwords, which paves the way for cyber criminals to compromise IT systems.

Cyber policies offer financial protection
Companies should therefore react immediately and initiate appropriate measures to avert danger. However, since 100 percent protection against an attack can never be guaranteed, taking out cyber insurance is recommended. Appropriate policies can significantly mitigate the financial impact of an attack. To assess the risks, insurers like to use cyber risk management systems such as LIFEBLOOD by RIMIAN. The solution based on Software-as-a-Service (SaaS) makes it possible to derive concrete recommendations for action from identified cyber risks and to integrate them seamlessly into business processes. In this way, those responsible receive exact insights into the possible effects of IT security threats on the company. In this way, relevant cyber risks can be managed efficiently and related to the operational value creation processes.
Furthermore, the SaaS software also includes human components in the assessment of risks: Since a sound knowledge and corresponding awareness of employees regarding impending cyber dangers are of central importance for defence, RIMIAN has systematised corresponding training and integrated it into its LIFEBLOOD solution. In doing so, the system automatically checks whether employees have already completed in-house training for information security and data protection. This ensures that staff are always up to date with the latest knowledge. This creates the best conditions for a secure defence against “social engineering attacks”.

• Martin Braun is the founder and managing director of RIMIAM GmbH, based in Füssen.