Change of the security perspective


The programs of the lecture events this fall are strongly influenced by the topics of "Digitalization - Cyber Security - Effects on Corporate Security". It is very clear that this subject area is seen as a very strong challenge for companies of all sizes.

The case of a massive cyber attack on the Pilz company has shown impressively how quickly these often theoretical discussions can become reality. According to the press, the company was the victim of a ransomware attack on Sunday 13 October. The company stated that it had become largely unable to work.

Hackers had succeeded in attacking most of the company servers and encrypting the data on them. In response to the cyber attack, the Swabian company took all computer systems off the network and blocked access to the corporate network. Pilz called in the BSI and the public prosecutor's office. A crisis unit was also set up.

On the fringes of a major event on 16 October 2019, the managing director of Pilz announced more detailed information on the cyber attack and its target. Accordingly, it was established on 13 October that the company's server data could no longer be accessed. This was preceded by an attack with the aim of encrypting the data on the Pilz servers, which was also achieved. Now, according to Pilz, there are extortionate demands. Apparently the attack was only about money. The Pilz managing director did not provide any information on the amount. For him, however, it was clear that he would not pay money for his own company data.

The production of safety and control technology still seems to be undisturbed. In addition, the ability to supply certain areas had been restored. Only the automated order processing is currently not working.

This specific case has once again shown how real the threat often perceived as abstract is. From the point of view of the uninvolved consultant, Pilz has solved this case excellently. The Crisis Communication in particular has worked well. Thus, the public was regularly informed via various on- and offline channels. Today (31.10.2019) the own website is still only partially functional.

From this dramatic case we learn how important it is to have a very good interaction between a crisis team and crisis communication. Open communication via all channels (here trade fair presence and social media) creates trust in the public and limits damage to reputation. We also see how difficult it is to stabilize the complex system of such a company after a fundamental attack and return it to normal operations. An educational example for many other companies.

It is becoming increasingly clear to us how important the topic of digital threats and the appropriate response in Crisis and Continuity Management is for a consulting and IT company. With the merger between IB Götsch AG and Verismo, we have taken this development into account. With the certification of our Information Security Management System according to ISO 27001, we have shown that we not only talk about it to our customers, but also subject ourselves to such an important process. Although Information Security is only one, but an important, component in the security architecture of the company of the future.

In these days you will receive our new seminar brochure by mail. Please note our extended seminar offer and get an overview of our training program on our new website. In our training center we offer excellent training opportunities.

We would like to have a direct conversation with you about this topic

Dr. jur. Klaus Bockslaff and Dr. ing. Mathias Götsch

To the information letter as Download