Vigilant on the street. And in the network.
The shock: out of nowhere, a ransom note appears on the screen during work: “Pay 450,000 euros by 1 December if you want your data back” is what you read. Fake virus warnings, self-acting mouse pointers, strange search results – what sounds like a bad joke now happens to nine out of ten companies in Germany – they become victims of a cyber attack. Theft, espionage and sabotage cause total damage of 223 billion euros to the German economy every year. But most companies still do not take this danger seriously enough. For a long time now, the biggest gateway to companies’ systems has not been the technical infrastructure, but rather the staff who uses and operates the systems.
“We have been dealing with this type of threat for a long time,” explains Maximilian Moll, MBS Awareness-Officer. “That’s why we decided two years ago to develop an IT security concept together with the IT security specialists from Network Box in Cologne.”
This is based on two pillars: technology and security awareness. The technical component is covered by a UTM firewall solution tailored to the company. Anyone who now thinks of room-filling hardware with dozens of components is mistaken. The Network Box is a small black box, which Managing Director Dariush Ansari affectionately calls the “doorman”. “It checks everyone who wants to enter the network in real time for malicious code and decides who is allowed in and out again,” Ansari explains. In addition, the box ensures secure email traffic with virus protection, regular updates and anti-spam modules. As a managed security service provider, Network Box not only provides the technology, but also takes care of the entire IT security area, including installation, monitoring, maintenance and support. This is also the case at MBS Logistics.
But that’s not all. “Cyber attacks are becoming more and more sophisticated, the malware programmes more and more complex,” says Ansari. “The best technology is of no use if humans don’t play their part.” According to the German Federal Office for Information Security (BSI), 450,000 new malware programmes enter circulation every day. In most cases, the attack begins with a spam email. That’s why Network Box at MBS educates employees through regular security awareness training with simulated phishing campaigns, training modules on the specially developed eLearning platform and supporting materials at the workplace that sensitise employees to the topic of IT security on a daily basis.
“In the end, it is the combination of the various measures and the holistic concept that has led to increased awareness among our employees,” says Maximilian Moll. “However, we are also aware that we can only maintain our very good IT security status if we repeat the trainings at regular intervals.”
At the end of the security chain, there is always a human being who makes the right decision in the decisive situation.
Raise awareness for internet security
Max Moll is the Cyber Awareness Officer at MBS. “Cyber awareness is not just an IT topic, it belongs to the whole area of organisational development. Of course, it has a lot to do with good communication and in the end it is important that the new habits have become as natural as, for example, an up-to-date virus scanner,” laughs Moll.
Since internet security is permanently threatened because attack scenarios are constantly evolving, security is not a purely technical issue either, but an everyday task for every employee.
Max Moll plans, designs and advises MBS on cyber security awareness. “We need this position not only for MBS itself, but above all for our customers. They can trust us that their data is safe with us.” In doing so, Moll prioritises topics, assesses the awareness level of MBS and proposes measures in the individual areas to ensure an appropriate level of security across MBS.
In order to reach all employees to the same extent and to increase awareness in daily work, we also rely on training, which will continue to gain in importance in the future.