In our latest podcast episode, we take a deep dive into the world of information security, a topic that is crucial for every company. With Iskro Mollov, the Chief Information Security Officer of GEA Group, a leading global system provider for the food, beverage and pharmaceutical industries, we have an expert in this field as our guest.
The relevance of information security
Statistics show that 90% of companies have already fallen victim to attacks. Renowned risk barometers also see this as the greatest business risk, which makes it essential to be prepared for such attacks. Cybercrime attacks are on the rise, especially against the backdrop of tense geopolitical interests. In addition, new EU regulations even stipulate the personal liability of managing directors and board members, which underlines the importance of addressing this issue comprehensively at the highest level.
Taking a holistic view of security
An interesting comparison between the challenges of the financial sector and manufacturing companies shows that the former already have to ensure security through many legal regulations, while the latter are less regulated, but at the same time more business areas need to be considered from a security perspective, such as production and the supply chain, to name but a few.
Mollov explains the holistic approach to security, which goes beyond IT security issues and requires a broader view. In order to successfully tackle information security, he explains the need for a holistic strategy, such as the one implemented by GEA. Here, the topics are considered centrally and implemented in eight different work streams.
Best possible preparation for attacks
Mollov points out that despite all precautionary measures, a risk remains and companies must be prepared to react appropriately to attacks in order to be able to guarantee their business operations in the long term.
The main challenges lie less in the recruitment of skilled workers, as they are available globally. Rather, the following aspects should not be underestimated: Stakeholder management, management responsibility, communication, training and commitment of existing staff and the secure development of in-house software.
Positive outlook
In addition to raising awareness of risks, a decisive factor is highlighting the opportunities of good security work, as this can also be an important competitive advantage.
An important first step in the holistic security strategy is to find the right CISO and place him or her in the right organizational position so that the complex issue can be viewed holistically and driven forward.
SHOWNOTES
Training StrategyFrame certification program in Düsseldorf in March - apply now
Iskro Mollov
GEAGroup
Christian Underwood
Prof. Jürgen Weigand
StrategyFrame
Podcast "Hope is not a strategy"
Book "Hope is not a strategy"
Allianz Risk Barometer