New Cyber Threats - New Operative Risks

Cyber incidents

The biggest operative risk in the age of digitization

Companies of all sizes and industries are threatened. Firewalls, antivirus programs and other protection systems are elementary and important, but often powerless against new forms of cyber threats. This is shown, among other things, by the following cases of damage: 

 

NotPetya

The Trojan was installed via software updates bypassing firewalls and antivirus programs. Internal distribution was mainly made possible by the fact that system services had overly extensive authorizations. Administrative accounts could be misused for further installations.

 

Payment Diversion

Firewalls or antivirus programs cannot prevent redirection of payment flows. Instead, effective measures such as monitoring payment transactions and informing the relevant specialist departments are necessary.

  • Interruptions in operation and production lasting several days
  • Production manipulations
  • Financial fraud
  • Claims for damages due to liability risks
  • Competition espionage and manipulation

Our solution: Cyber Risk Assessment

We analyse your changed risk situation.

1. Risk Analysis

We identify high and critical operational risks, create worstcase scenarios and assess the possible business impact on this basis.

2. Vulnerability Assessment

We check your IT and OT/SCADA systems and processes for existing security holes and evaluate the vulnerability using our Security Control Scoring. Our results allow a meaningful prioritization for the risk handling process.

3. Recommendation for Action

You will receive a three-part fi nal report on management, risk and vulnerability. Using benchmarks and vulnerability scores for the individual security controls, we present the results using comprehensive dashboards and determine your personal risk situation including recommendations for action.

Risk Analysis

Entrepreneurial activities are generally associated with risks. Our Cyber Risk Assessment enables you to manage your risks in accordance with your corporate goals. We systematically identify and evaluate potential business impacts based on worst-case scenarios. These scenarios serve as a basis for the decision of management/the executive board whether risks should be accepted, avoided, reduced or transferred.

Vulnerability Assessment

Security controls are defined protective measures (for IT systems, processes, etc.) designed to prevent the occurrence of a business impact. Using selected security controls and a KPI-based rating system, vulnerability can be isolated or assessed in a network. Typical security controls are e. g. Vulnerability Management, Financial fraud prevention, BCM, Rights management, Authentication security, Mail security etc.

 

 

Interested or having questions?

We look forward to hearing from you!