The complex networks that connect companies, customers, and suppliers around the world mean that demand for IT security solutions is growing. This can also be attributed to the increasing number of targeted attacks on IT systems and the enormous damage cybercrime can cause. With this in mind, it’s crucial that companies fully secure their IT landscape and subject their security measures to regular examinations.
Thanks to our decades of experience working with the particularly high security requirements in the aerospace industry, Lufthansa Industry Solutions is a top expert in the field of information security. We offer state-of-the-art security technologies and IT services – from analyzing security requirements and developing security concepts through to implementing and operating IT security systems. Our solutions include architecture and platforms to enable secure mobile access, as well as penetration tests and security audits to combat cybercrime.
Why is IT security important for companies?
Recent years have seen a marked increase in cybercriminality, especially in the manufacturing industry. This makes it all the more important that companies prepare accordingly: with up-to-date, comprehensive security solutions that continuously examine every area of their IT systems.
IT trends: Companies must be prepared to respond
- Classic IT structures are increasingly being replaced by cloud computing.
- The Internet of Things (IoT) is also set to shape how IT structures develop in future.
- The protection requirements of mobile communications are growing.
- Mandatory data privacy requirements have been intensified by the GDPR.
Marked increase in cyberattacks on companies
The Internet of Things (IoT) and Industry 4.0 are developing and spreading at a rapid pace. As companies migrate to using mobile devices and smart technologies to handle their processes, the quantities of data and data interfaces are growing – as are the potential opportunities for cybercriminals to launch attacks. This development is also reflected in how IT service providers view IT risks: more and more consider the potential threat to be rising sharply. Nevertheless, many companies still underestimate these cyber-risks – and the extent of the damage they could cause. For example, a server overload triggered by a DDoS attack could result in a total outage of a company’s in-house IT structures, bringing all business operations to a halt. Our tailored IT security concepts for companies therefore comprise regular inspections and updates for existing protective measures.
Cyberattacks on companies
According to a recent Bitkom study (in German), more than half (53%) of German companies were victims of a cyberattack in 2017. Data theft, corporate espionage, and IT sabotage caused total damage of € 55 billion.
Elevated cyber-risks for industrial, automotive, transport, and logistics sectors
Due to their central importance, certain sectors of the economy are particularly at risk; as a result, they are subject to specific legal requirements, such as the IT Security Act (IT-SiG) and KRITIS regulations. That does not mean, however, that other sectors can rest easy: cybercriminality can affect companies of every size, in every sector.
The number of attempted attacks and security incidents has risen sharply in recent years, especially in areas which are already heavily networked, such as the automotive, industrial, transport, and logistics sectors. This has forced decision-makers to re-think their approach. While attacks were once a localized problem for the direct victims, as business sectors have become more closely interconnected, suppliers, partners, and customers have come to be affected. The resulting damage to corporate image, the costs of production losses, and liability risks all continue to rise. Appropriate protection for IT systems has therefore become a fundamental requirement for companies and the best possible investment protection for entire supply chains.
Which IT areas are most at risk?
Today, mobile and networkable devices are part of everyday operations for almost every company. This could be for internal and external communications, to create concepts and conduct accounting, in sales and distribution, for system maintenance, in the logistics chain, or in the form of “smart” security components. This is not to forget sensors and other intelligent technologies in production machinery, IP cameras, and cloud-based data storage; the latter increasingly being used to ensure that important information is made available to customers, partners, and employees, anywhere and anytime. Rapid technological developments and the wide array of devices in use make it difficult for companies to maintain an overview of current IT risks – and implement the comprehensive IT protection required in response.
As a result, it’s not just IT landscapes that are in flux, but also IT security: IT experts regard IoT and cloud computing as the most significant drivers behind transformations in the field of IT security.
IT analysts estimate that, by the end of 2017, the number of networked devices totaled 8.4 billion – with this figure set to exceed 20 billion by 2020. The rapid growth in the number of networked devices is making IT security into a challenge: many IoT devices feature security defects due to their manufacturing, such as a lack of update functions, protocol weaknesses, or insecure data storage systems. These issues have been – and continue to be – exploited by cybercriminals. However, a lack of awareness among IoT users also harbors risks: for example, using weak passwords to govern administrator access or neglecting to install security updates. To ensure IoT security is effective, beyond devices and software, a company’s entire digital process needs to be analyzed and can be examined for weaknesses with the help of penetration tests.
Nowadays, cloud services have become standard for companies. Outsourcing IT operations to a cloud service provider is a convenient, cost-efficient measure – but also involves delegating aspects of IT security to an external provider. In many cases, cloud service providers are only responsible for the physical security of their computing center, the security of servers and basic network structures, and for certain basic applications and standard functions. What’s more, ensuring that cloud technologies are used securely is a responsibility usually given to end users, as are defining access rights and controlling identity management within the company. Legal security provisions also play a role for cloud security. To protect against cyberattacks, data losses, and server outages, but also to prevent liability claims, it is important that the duties and obligations of cloud security users and providers are contractually established in each specific case.
Despite the increasing complexity of technology, the level of security offered by mobile technologies is far from uniform and is often difficult to ascertain. On the one hand, many developers neglect vulnerabilities and patch management; on the other, many companies still lack an awareness of the IT risks inherent to apps and other software products. For IT security, regularly reviewing all mobile technologies used in a company for potential vulnerabilities and updating them as required is of decisive importance.
What are the specific IT risks for companies?
According to a 2016 survey conducted by the insurance provider FM Global, cyberattacks are ranked alongside machine breakdown and natural disasters as one of the top 3 risks to have impacted on business activities in the last five years.
This is because companies are equipping their machinery with sensors, using social media, and saving data in the cloud: the consequence of this digitization is heightened IT security requirements.
Arming companies to repel a range of potential attacks, such as malware or DDoS attacks, requires extensive expertise to implement suitable protective measures that can achieve a high level of IT security.
Almost every piece of complex software contains code errors and security gaps that cybercriminals can exploit, such as to steal data or plant bots or other malware in IT systems.
Protective measures: Efficient vulnerability, patch, and lifecycle management, together with a transparent information policy from the software provider, can significantly reduce the risk of IT security gaps. Purchasing staff and system administrators should therefore ensure that they only implement software which is reviewed and updated regularly and which features transparent security standards.
Ransomware, DDoS attacks, APT attacks and many other forms of cybercriminality are based in large part on sophisticated malware. In most cases, the malware reaches a device as an email attachment, through downloads or apps, or in the form of fake program updates. While most devices feature virus protection, due to the rapid development of malware, it is often not possible to detect and protect against the full scope of such attacks.
Protective measures: As well as “classic” solutions, such as firewalls and anti-virus programs, IT security concepts for companies also need to include regular hardware and software inspections. In addition, the concept should integrate software users and teach them how to use IT systems securely and cautiously.
Ransomware is a malware variant that blocks hardware or encrypts user data to render devices unusable. Only once the ransom has been paid is the device unlocked for the user. Attacks can take a blanket approach, such as the WannaCry cryptoworm, or be targeted against a single company or organization.
Protective measures: It is possible to reduce the risk of an attack, such as by strategically segmenting a company network and implementing systematic patch management in order to eliminate vulnerabilities in the system at an early stage. A simulated cyberattack can help to provide a realistic picture of the risks and implement corresponding measures.
In a survey of around 600 IT experts, almost a third (31%) reported experiencing at least one ransomware attack in 2017. Only a tiny number of companies (3%) actually pay the ransom: the majority attempt to repel attacks with AV software or by restoring backups.
Source (in German): www.eco.de/wp-content/blogs.dir/eco_report_it-sicherheit-2017.pdf
DDoS (distributed denial-of-service) attacks intentionally trigger a server overload with the aim of partially or fully incapacitating a company’s IT structures. In most cases, such attacks are carried out using botnets, which can independently infect large numbers of devices with malware almost immediately. DDoS attacks are often associated with ransom demands.
Protective measures: As botnets are based on malware, classic security measures can be effective, such as systematic vulnerability analysis, regular software updates, strategic network segmentation, and increasing employees’ awareness of IT security risks. Beyond that, companies should consider specific DDoS-prevention solutions that can act quickly to divert traffic leading to an overload.
APTs (advanced persistent threats) are a wide-ranging data collection method. Traditionally, APTs have been used by news agencies; there are, however, growing indications that such methods are now being used for corporate espionage. APTs often infiltrate a system via software updates.
Protective measures: Basic protection from firewalls and anti-virus programs remains utterly essential. In addition, however, hardware and software in the network should be segmented and secured with access rights. User training sessions, regular audits to identify vulnerabilities, and an effective emergency strategy round off the security concept.
LHIND – IT security consultancy and solutions
The LHIND service spectrum comprises four main topic areas. We ensure that each individually tailored IT security concept effectively integrates and interlinks these four areas.
IT security concept: Four core areas
- Secure process architecture: Defining and developing an appropriate level of protection
- Security by design: Implementing operational solutions
- Audits: Ensuring compliance and adhering to security requirements
- Advanced cybersecurity: Equipping and preparing for emergencies
Our IT security services for your company
Our aim is to raise awareness of specific IT risks within your company and to help you to be proactive in managing them. With our risk-oriented, individual security concepts, we ensure you are as prepared as possible to respond to potential emergencies before they occur. Our operational security solutions – which we implement comprehensively and in accordance with applicable regulations – lay the required technical foundations for commercially appropriate protection. By conducting emergency simulations and regular audits, we continuously place your IT security under the microscope to examine it in detail. We simulate real attacks on your system in penetration tests and stand ready to provide immediate assistance if a genuine attack occurs.
Ensuring an optimal level of IT security
Working together with you, we place all of your IT processes and interfaces under the microscope. We examine the technologies you use, ensuring they are up to date and secure, identifying potential vulnerabilities and proposing improvements where required. In addition, we engage with the security requirements and other current compliance requirements in your sector and develop a high-quality IT security concept, perfectly tailored to your company. This provides you with an overview of all aspects of your software and hardware and allows you to realistically assess IT risks.
Core topics relating to secure process architecture
- Developing an Information Security Management System (ISMS): ISO 2700x, baseline security pursuant to BSI (Federal Office for Information Security) requirements
- IT security concepts in accordance with KRITIS (critical infrastructure) regulations
- Implementation of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG)
Consultancy for operational security solutions
On the basis of applicable regulations and taking into account the current status of your IT systems, we recommend individual and standard operational security solutions and integrate them in your processes. The focal points of our operational solutions are in digital trust structures, security monitoring solutions, web security and tracking systems, mobile security, cloud security, and IoT security. This makes working with your IT systems more efficient, more user-friendly and more secure, all at the same time.
Core topics relating to security by design
- Public key infrastructure (PKI), hardware security modules (HSMs), cryptography
- Configuration management database (CMDB), identity and access management (IDM & AM), security information and event management (SIEM), protection against advanced persistent threats (APTs)
- Security for Azure/Amazon Web Services (AWS), Open Web Application Security Project (OWASP) top 10
- Open Web Application Security Project (OWASP) mobile top 10, mobile device management (MDM)
- Embedded security, lightweight protocols
Continuous implementation checks and compliance
Applicable standards and security requirements are updated in the same way as software and hardware. We help you to stay up to date with the latest developments in IT security. With tailored security checks and IT architecture reviews, we show you where updates are required. We conduct individual privacy audits to support you on data protection and compliance issues – thereby minimizing the risk of financial losses through attacks or sanctions and building long-lasting trust in your company.
Core topics relating to audits
- IT security audits
- IT risk audits
- Privacy (impact) audits
Defense strategies for cyber-emergencies
Attack is the best form of defense: by simulating a cyber-attack, we can precisely identify vulnerabilities in your IT system. You gain an insight into critical components and tolerance ranges, as well as a realistic impression of the potential damage to your company. The results of the penetration test help us to protect your IT security even better against various forms of attack. Of course, in the event of a real emergency, we stand ready to support you – we’ll guide you quickly and efficiently through the measures you need to take to minimize the operational and financial losses.
Core topics relation to advanced cybersecurity
- Active penetration tests
- Specialist and technical emergency management
- IT forensics
- Preparation of countermeasures
Find out more about the topics that matter for your sector
Want to learn more about the IT topics that matter to you? We can keep you up to date with the news from your sector on central issues such as Big Data, Industry 4.0, collaboration platforms and much more besides. We also offer personalized consultations – simply get in touch.