Back to Newsroom

Wednesday, 09 February 2022

Since 2004, the Safer Internet Day (SID), initiated by the European Union, has taken place every year in February. On the occasion of SID, Patrick Veith talks about his experience in dealing with threats from the network and how companies can prepare for an increasingly digital future. Patrick has worked in different units of the msg group for 19 years and today leads the Security Solutions department of msg services ag.

Why is the topic of safe internet so important to msg?

At msg, we see ourselves as pioneers of digitalization. This also means focusing on people as users, especially when it comes to the security of IT systems. Threats from the Internet are a recurring phenomenon. Criminals often rely on the ignorance or credulity of users. The most important factor when it comes to a secure Internet therefore remains people. We need to raise awareness as early as possible because the threat is not yet clearly recognizable, especially for children and teens. Initiatives such as the Safer Internet Day make a very positive contribution here, which we warmly welcome.

Can you tell us about a typical mistake when dealing with the internet?

Unfortunately, they are legion. For example, we repeatedly see people being too careless when disclosing sensitive information. Many people simply don't realize how valuable seemingly unimportant unrelated pieces of information and data records that seem unimportant at first glance can be to criminals. Backups to protect data are not done or not done regularly but are essential if the worst comes to the worst. For example, when a ransom attack occurs, the encrypted storage of data in the cloud can minimize the damage. In this context, we often see outdated operating systems and software. This is dangerous. Because if systems are not up-to-date, they are not adequately equipped to ward off threats from the digital world.

Is there an anectode that you think specifically sheds light on this topic?

We repeatedly encounter statements such as: “We are just small fry. What is the worst that can happen to us?” or another classic such as “We're sure we haven't been successfully attacked yet.” This is where two extremes meet: On the one hand, the false sense of security and invulnerability, and, on the other, resignation due to a feeling of powerlessness or being overwhelmed. However, the facts are clear. The days of attacks purely to tap information for the purposes of industrial espionage or to inflict damage at random are over. Today, the aim is to extract ransoms for the decryption or non-disclosure of sensitive data. Attackers are very professional, focused and organized. An attack like this can happen to anyone. It may well be that such attacks go unnoticed at first, since many perpetrators now operate undetected and silently over a long period of time.

What is the state of play at German companies?

It varies greatly. We see a large bandwidth from very well-developed protection levels to systems that hardly meet the necessary standards. Unfortunately, we also observe that there is often little budget for personnel and/or security solutions. This is concerning because as criminals develop new methods every day, the complexity of the requirements also increases. IT security must quickly adapt to protect the newly created, potential targets.

What are the pioneers doing well on these issues? What can others learn form this?

The best are focusing on continuous further development and optimization, both technologically and in terms of personnel through further training. Because the other side is doing the same. Companies should continuously invest in security measures. By maintaining a stable level of security, you create a certain hurdle for attackers. Many criminals shun away from more effort and prefer to look for an easier, unprotected target. So deterrence is a good strategy. In the long run, the damage of an attack is much higher than the budget invested in the security system.

Which challenges in cyberspace will move into the spotlight in the future?

Mobile, distributed and flexible working with many different devices has become reality due to the pandemic. This leads to complex hybrid infrastructures and opens up many new attack vectors. In 2020, many companies rushed into quick and, from a security perspective, sometimes hasty solutions. Small IT departments in particular cannot get a comprehensive handle on the new systems. These departments need appropriate solutions and external support in order to cope with the high level of complexity.

Which security solutions does msg offer companies specifically?

We offer a comprehensive portfolio in the area of IT security. Our goal is always to determine and implement the appropriate solution individually and in line with requirements. Our holistic approach helps customers put together the different pieces of the puzzle that make up a coherent overall picture. Protecting your own networks requires the continuous development of very specialized skills - this is an enormous effort for companies. Here, too, we can provide our customers with sustainable support, because we offer precisely tailored Managed Services for IT security services.