MARKET & TECHNOLOGY
Profitable companies are particularly at risk
Many companies operate in complex, global and digital ecosystems – and that offers a growing number of potential targets for cybercriminals.
While digitalized infrastructures advance industrial companies and the economy, they also provide an enormous sphere of activity for criminals. In Germany alone, the number of cyberattacks in 2019 increased by more than 15 percent to over 100,500 compared to the previous year. Cyberattacks have become a criminal business model that costs companies billions every year, making cybersecurity risks one of the leading risks companies face today. Cyberattacks can take a variety of forms, from data theft and ransomware to system takeover with potentially far-reaching repercussions for production processes and supply chains. In the worst-case scenario, loss of information can have economic consequences or damage reputations. The impact of the COVID-19 pandemic has brought about a new momentum in IT security. Cybercriminals tend to respond quickly to socially relevant topics and trends – and adapt their attack campaigns appropriately.
According to Stefan Tittel, Head of Group IT at Symrise, related phishing activities have been seen since the beginning of the pandemic. “Emails are one of the most important interfaces to customers, suppliers and service providers – and at the same time the biggest gateway,” says the expert. To bring more attention to the issue, Symrise Group IT launched a global phishing campaign in 2019 that highlighted characteristics of malicious emails because education and prevention are extremely important to combat this. “We showed employees how they could tell that it was a phishing email and set up a security concept under the guidance of Jesse Sonne, IT Compliance & Security Manager,” explains Stefan. “It may be the sender, a suspicious link or a latently aggressive and pushy tone of voice – the identifying features of a phishing email vary. The high level of participation and the overall increase in attention show us that Symrise employees are becoming more mindful and more cautious,” Jesse concludes.
It is important that every employee knows the safety rules and acts strictly according to them.
Stefan Tittel, Head of Group IT
Nevertheless, there was a cybersecurity incident in the global IT networks before Christmas. The global teams reacted immediately and worked intensely to devise a strategy to deal with the incident in close coordination with external security specialists. The highest priority here was the fastest possible restoration of important IT infrastructures and business processes as well as the sustainable protection of individual systems. Accordingly, initiatives included in the IT strategy were brought forward and launched immediately. A security incident response center was set up in a very short time to implement necessary security measures. For example, all Symrise employees who have a computer workstation were urged to come in for a security update before the holidays. The update checked whether the computer was affected by the cybersecurity incident and at the same time installed additional security software. Likewise, employees were reminded to be vigilant against phishing attempts and to strictly follow the general security guidelines from Group IT. “Many cyberattacks are less sophisticated technologically and don’t rely on network gaps – phishing emails will do.
Technological tools cannot replace common sense and a little skepticism. IT security must be understood as a holistic topic,” explains Stefan. The origin of the incident is being investigated at the same time. “This is why we have to be careful with detailed information about our measures,” says Stefan. Comprehensive and thorough investigations are underway, including by authorities, which have not yet been completed. Companies like Symrise that report cybersecurity incidents also receive support from the German Federal Office for Information Security and the German Federal Office for the Protection of the Constitution. The intensive analysis and knowledge gained from the incident at the Holzminden site made it possible to apply this understanding to the international sites and successively restart the systems and production processes. This enabled a rapid return to smooth communication with customers, suppliers and other business partners.