Indispensable: IT and cybersecurity
It is no longer just government institutions and large corporations that are on the agenda of cybercriminals. Time and again, it is medium-sized companies that fall victim to cyberattacks and industrial espionage. The reason is quite simple: security barriers are often much lower here than in the institutional sector or in large corporations. Continue reading
As a foundry and metalworking company, we are also exposed to the threat of cyberattacks. This affects not only administration, but also production as processes become increasingly digitalized. It is painful enough when administration is paralyzed for a few days, but a shutdown in production lasting several days can quickly threaten the very existence of the company. This makes it all the more important to protect ourselves against such scenarios.
This must take place at both the infrastructural and human levels. “Of course, we don’t have the resources and structures of government agencies and global corporations, but even a few basic security measures can eliminate the majority of threats,” explains Marius Stempin, IT Infrastructure Team Leader at the Kuhn Group.
The far greater risk factor is and remains the human factor. “Cyberattacks often originate from malware that ends up on employees’ computers via file attachments or links in seemingly harmless emails and spreads from there,” says Stempin, explaining one of the most common gateways for hackers.
In order to reduce this risk as much as possible, all employees with IT workstations have undergone extensive training by a renowned IT security service provider in the past and have been made aware of the dangers and risks of the IT infrastructure.
Based on these workshops, an internal training program on IT awareness was also developed. “It was important to us to reach employees who did not participate in the intensive program, for example because they do not work directly at IT workstations or because they are new employees,” explains Tordis Urbach, who developed the program together with IT and is also responsible for its implementation.
Over a period of six months, around 150 additional employees at Kuhn were trained to exercise the necessary caution when using the company’s hardware and software. “Many IT threats that we encounter in our everyday business and private lives are as clumsy as they are obvious, e.g., some phishing emails. But serious attempts to penetrate our infrastructure are often well hidden and professional. That’s why we want to use our training courses to encourage our colleagues to always be careful and vigilant, and to provide them with guidelines on how to recognize potential threats and avoid mistakes,” adds Urbach.
One hundred percent cybersecurity? It doesn’t exist. Nevertheless, with certain technical measures and regular awareness training for employees on common points of attack, the risks to IT security can certainly be reduced.