Handelsblatt Interview

Cybersecurity Begins at the Top

  • Why it matters

    Why it matters

    Firms must recognize that cybersecurity is not merely a technical problem, but instead must be approached on the level of systems and operations, and responsibility must lie with senior management.

  • Facts


    • More than two-thirds of German industrial companies have faced cyber attacks during the past two years, according to a 2016 survey, at a total cost of around €22.4 billion a year.
    • Last November, a global cyber attack blocked or interrupted internet, TV and telephone services for over 900,000 Deutsche Telekom customers in Germany.
    • Market research firm Gartner has estimated that the number of internet-connected devices will rise from just under 5 billion in 2015 to 6.4 billion this year.
  • Audio


  • Pdf
Norbert Winkeljohann
Watch out! Companies need to do more to protect themselves, according to Mr. Winkeljohann. Source: DPA

There is a growing threat of cyberattacks on mid-sized companies, the German operations for PwC, one of the world’s largest management consultants, told Handelsblatt.

Norbert Winkeljohann said that the emerging benefits of digitization—like autonomous driving and networked houses—could be destroyed unless companies took care to protect themselves from hacking and other cybercrimes.

He warned that security is not a technical issue, but an operational one, and that responsibility for it belongs with senior management.

Mr. Winkeljohann said the objective threat was increasing, as was fear surrounding the question. Both could be damaging to organizations, and the only real answer was to invest strategically in coherent processes and systems. Whereas large companies had mostly woken up to the issue, progress had been slower down the scale. “Above all, mid-sized companies are not investing enough in this,” he said.

There was absolutely no question that cyberattacks on the “Mittelstand”—the name given to Germany’s large number of small and medium-sized industrial companies, often in family ownership—was increasing. Numbers were hard to come by, he said, since many attacks were never made public, but a hotline established by PwC had been increasingly busy.

Mr. Winkeljohann said he knew of one industrial firm which had recently been conned out of several million euros. That case revealed the broad spectrum of threat: it was not a hacking attack, but email fraud.

Want to keep reading?

Subscribe now or log in to read our coverage of Europe’s leading economy.