What precautionary measures should retrofit German companies in the year 2011? Technical retrofitting should, where there is little security measures, on the other hand a major threat on the one hand so far. Especially include systems in my opinion to the identity and access management and the encryption of sensitive data. Here too, I can return the Wikileaks case. How can it be that on such highly sensitive data from the U.S. Department of almost a million people had uncontrolled access? There was apparently no access control, the documents were encrypted. And not Wikileaks was definitely to blame.
Where do you see the greatest need for action as an expert? In the awareness of employees on all levels of the company by the Porter right up to the top-manager. By the latter I hope especially the insight that immediately a value added for the company due to the appreciation of the employees. A satisfied employee is loyal and can go with not just the customer database. Also, he is generally achtsamer when dealing with corporate data. This is a more effective defense of corporate values, than it could ever be the strongest firewall. Ultimately nothing more than a modern form of the principle of the legitimate businessman behind the buzz words of governance, risk and compliance (GRC), which are often called in security-related”. A principle that many companies have sadly forgotten. Now, they try under the acronym GRC again to teach it the company.
I find the a positive trend we apsec support in our range of services. Have you noticed also positive developments in the last few months? Quite. In particular, the number of those are generally negatively evaluating the concern for security has declined. Long time had to occur is as a security consultant Kassandra, which warns and nobody wants to listen to that. We know what happened to Troy.