"Vigilance is a good start"


Cyber security is one of the most challenging topics for IT departments in companies. In this interview, Andreas Plaul, CIO, and Jochen Vogel, CISO at the Haufe Group, report on how they deal with it.


Can internet users avoid becoming victims of cybercriminals at some point?

Vogel: No, honestly not. Every day you see spam and phishing e-mails in your e-mail inbox with the aim of taking over your user account or installing malicious code. Some of these e-mails are so well made that they are not recognisable to users at first glance. Whether one ultimately becomes a victim depends on the security measures that are established in the company.

And how good are the security measures of German companies?

Plaul: Large companies are generally well positioned. Many medium-sized companies also do their utmost to protect themselves. For small companies, however, it is an extreme challenge to be really well and securely positioned due to the complexity of the topic.

The Haufe Group was the victim of a DDoS attack in June 2021. In these attacks, perpetrators do not penetrate the company network, but overload it. What measures did you take afterwards?

Plaul: First of all, it is important to understand that such an attack is not about data theft. Criminals pursue the goal of paralysing business operations and thus blackmailing the company. In our case, we were attacked early in the morning with little warning. Fortunately, we were prepared, so there were temporary restrictions, but no serious problems.
In hindsight, it is important to learn from this. What can we do better? This concerns, for example, reporting channels or response times at night. For us as a company, the successful handling of the attack was above all a confirmation of the good work we do in the teams.

Were the perpetrators found?

Vogel: We contacted the state authorities, who initiated proceedings. The hacker groups are usually known in such cases. In our case, however, the persons could not be identified. Unfortunately, that is usually the reality.

How well do you feel supported by the state in the digital world?

Plaul: The responsible authorities and institutions take the topic seriously and do a lot of the right things. But the volume of attacks on companies is simply too large for them to be prevented in their entirety or to be comprehensively supported by state authorities.

How often is the Haufe Group attacked by cyber criminals?

Vogel: We register several attempts every day that require a certain amount of attention and are investigated more closely. In the end, there are usually one or two relevant incidents per month for which we have to react immediately.

What kind of incidents are these?

Vogel: They are direct attempts to attack our infrastructure and cloud environment, but mainly targeted emails to our employees.

Statistics show that cyber attacks are on the rise. Do you feel this too?

Plaul: The damage caused by cyber criminals is increasing - directly and indirectly. We have to upgrade our technology, train our staff and invest a lot of working time. With the increasing number of attacks, our efforts and costs are growing.

We must remain vigilant. The warning of the Office for the Protection of the Constitution is not unfounded. The bakery on the corner has less to worry about than an industrial company. Because what hits you and how also depends on the sector you are in. Where do criminals attack? Where are state actors on the move? Sitting back is not an alternative. That's why we have to face the challenges. Then we will also be safe.

This article first appeared in the Badische Zeitung on February 10, 2022.
