Cybersecurity 2025 \u2013 New threats, new solutions<\/span><\/h1><\/h1><\/span><\/div><\/div><\/div>The digital threat landscape is no longer a marginal issue \u2013 it is part of our everyday reality. This is particularly evident in small and medium-sized enterprises: while IT structures are becoming more complex and interconnected, security concepts often lag behind technological progress. <\/p>\n
2025 is just around the corner \u2013 and with it come new challenges: technical, organisational and legal.<\/p>\n
The CosH special feature provides an overview of the most important developments, explains why traditional security concepts are often no longer sufficient, and presents practical approaches for making your company more resilient.<\/p>\n<\/div>
<\/div><\/div><\/span>\ud83d\udea8 1. The threat continues to evolve \u2013 faster than many companies can keep up with<\/h2><\/h2><\/span><\/div><\/div><\/div>Cybercrime has long since become professionalised. Particularly on the rise: <\/p>\n
Ransomware-as-a-Service (RaaS): Criminal groups offer ready-made attack packages, including support and payment systems \u2013 a \u2018business model\u2019 that was already responsible for over 60% of all ransomware attacks in 2024.<\/p>\n
Deepfakes and AI-generated phishing emails: Attacks are becoming more credible because artificial intelligence is capable of imitating communication styles \u2013 even internally. This dramatically increases the success rate of social engineering. <\/p>\n
Supply chain attacks: Attackers target not only the company itself, but also its IT service providers, software suppliers or hosting partners \u2013 often the weakest link in the chain.<\/p>\n
So the big question is no longer: Is my company a target? But rather: Am I prepared when the attack comes?<\/p>\n
\ud83d\udd10 3. Zero Trust, XDR, MFA & Co. \u2013 How does modern security work?<\/h2>\n
Moderne Sicherheitsarchitekturen setzen nicht mehr auf Perimeterverteidigung allein. Stattdessen dominieren diese Ans\u00e4tze: <\/p>\n
\ud83d\udd10 3. Zero Trust, XDR, MFA & Co. \u2013 How does modern security work? <\/p>\n
Extended Detection & Response (XDR): Traditional AV solutions are no longer sufficient. XDR combines telemetry data from various IT areas (network, endpoints, cloud) to detect even complex attack patterns in real time. <\/p>\n
MFA, PAM & BYOD rules: Multi-factor authentication, privileged access management and a clear policy for private devices (Bring Your Own Device) will become the minimum standard in 2025.<\/p>\n
What is often overlooked is that the most effective measures are not necessarily the most expensive ones, but rather those that are best integrated into processes.<\/p>\n<\/div>
<\/div><\/div><\/span>\u2696\ufe0f 4. Regulation on the rise: NIS2, DORA and Co.<\/h2><\/h2><\/span><\/div><\/div><\/div>In 2025, several regulatory requirements will come into force that may also affect small and medium-sized enterprises \u2013 either directly or indirectly through their role as service providers or suppliers:<\/p>\n
NIS2 Directive (EU): Far-reaching requirements for cybersecurity, risk analysis, business continuity and reporting obligations. It affects not only critical infrastructures, but also many medium-sized companies \u2013 often without their knowledge. What NIS2 requires:<\/strong><\/p>\n\n- Clear responsibilities for IT security<\/li>\n
- Risk management & business continuity<\/li>\n
- Incident response processes<\/li>\n
- Documentation and reporting requirements<\/li>\n
- Regular review and improvement of protective measures<\/li>\n<\/ul>\n
And what happens if you don’t comply: hefty fines of up to \u20ac10 million or 2% of annual turnover \u2013 and potentially massive damage to your reputation.<\/p>\n
Digital Operational Resilience Act (DORA): IT risk management is becoming a legally binding discipline for all companies in the financial and insurance sectors, including IT service providers in these industries.<\/p>\n
Cyber Resilience Act: Emphasises the responsibility of manufacturers and software providers to deliver secure products. This affects entire ecosystems and supply chains. <\/p>\n
Actively addressing these requirements is important not only for compliance reasons, but also because they provide a useful framework for IT security strategy.<\/p>\n<\/div>
<\/div><\/div><\/span>\ud83d\udcc9 5. The human factor: Lack of expertise becomes a risk<\/h2><\/h2><\/span><\/div><\/div><\/div>Despite technical advances, one thing remains constant:<\/p>\n
The biggest weak spot is sitting in front of the screen.<\/strong> This applies to social engineering as well as to faulty configurations.<\/p>\nBut who should take responsibility when:<\/p>\n
\n- IT managers repairing printers, patching servers and maintaining ERP systems all at the same time?<\/li>\n
- No time for further training?<\/li>\n
- Is there a lack of awareness on the part of management?<\/li>\n<\/ul>\n
According to a Bitkom study from 2024, 68% of SMEs say that they cannot build up enough security expertise internally. And yet many companies shy away from seeking external support \u2013 for fear of costs, loss of control or complexity. <\/p>\n<\/div>
![](\"https:\/\/cosh.de\/wp-content\/uploads\/2025\/06\/data-center-techniker-fuhrt-den-code-aus-scaled.jpg\" "\\"Data")
<\/span><\/div><\/div><\/div><\/span>\ud83d\udee0\ufe0f 6. Pragmatic solutions \u2013 what really works<\/h2><\/h2><\/span><\/div><\/div><\/div>We see in practice that the decisive difference is not the budget, but the courage to implement a structured approach. What works is not a huge project, but a clear, realistic roadmap. <\/p>\n
1. Security assessment as a starting point<\/h3>\n
Where do you really stand? Which systems are exposed? What are your crown jewels? A technical and organisational check provides the answers. <\/p>\n
2. Prioritise protective measures<\/h3>\n\n- Not all at once. Instead: <\/li>\n
- MFA (multi-factor authentication)<\/li>\n
- Patch management<\/li>\n
- network segmentation<\/li>\n
- Logging & Monitoring<\/li>\n
- Basic protection for end devices<\/li>\n<\/ul>\n
3. Raising awareness \u2013 internally and externally<\/h3>\n
Training courses are not a chore, but a survival strategy. A well-informed employee is more valuable than any firewall. <\/p>\n
4. Clarify responsibilities<\/h3>\n
Who makes decisions in an emergency? Who reports incidents? IT security requires defined roles \u2013 not gut feelings. <\/p>\n
5. Understand external support not as a weakness, but as a strategy<\/h3>\n
An external IT security partner can provide specialised expertise \u2013 scalable, controllable, efficient. From 24\/7 monitoring and vulnerability scans to support with NIS2 audits. <\/p>\n<\/div><\/div><\/div><\/div><\/div>
<\/div><\/div><\/span>\ud83e\udde9 Case study 7 (November 2023\/2024)<\/h2><\/h2><\/span><\/div><\/div><\/div>Company: Nordwest Handel AG, Dortmund Industry: Wholesale & logistics Size: approx. 1,200 employees, over 1,000 specialist retail partners Date of incident: November 2023 Type of attack: Ransomware attack with partial data encryption<\/p>\n
Causes & weak points<\/h3>\n
Specific technical details have not been made public for understandable reasons. However, it is known that the attack was not carried out via social engineering or phishing, but presumably via a technical vulnerability in the system \u2013 an indication of exploitable attack paths in third-party software or insufficiently secured services. <\/p>\n
Consequences of the attack:<\/h3>\n\n- Temporary shutdown of essential IT services<\/li>\n
- Slowed down or halted ordering and logistics processes<\/li>\n
- Emergency operation with manual support<\/li>\n
- High organisational effort required for recovery<\/li>\n
- Internal resource allocation and external costs<\/li>\n
- The financial damage has not been publicly quantified, but is likely to have been significant given the company’s role in the supply chain.<\/li>\n<\/ul>\n
Lessons learned from the incident:<\/h3>\n
This incident exemplifies:<\/p>\n
\n- Even established B2B companies with their own IT teams are vulnerable.<\/strong><\/li>\n
- Small and medium-sized enterprises are increasingly becoming the focus of professional cybercriminals.<\/li>\n
- Protection provided by traditional antivirus solutions is no longer sufficient.<\/li>\n
- Without contingency plans, backup strategies and external support, companies can quickly become overwhelmed.<\/li>\n<\/ul>\n<\/div><\/div><\/div><\/div><\/div>
The digital threat landscape is no longer a marginal issue \u2013 it is part of our everyday reality. This is particularly evident in small and medium-sized enterprises: while IT structures are becoming more complex and interconnected, security concepts often lag behind technological progress. <\/p>\n
2025 is just around the corner \u2013 and with it come new challenges: technical, organisational and legal.<\/p>\n
The CosH special feature provides an overview of the most important developments, explains why traditional security concepts are often no longer sufficient, and presents practical approaches for making your company more resilient.<\/p>\n<\/div>
\ud83d\udea8 1. The threat continues to evolve \u2013 faster than many companies can keep up with<\/h2><\/h2><\/span><\/div><\/div><\/div>Cybercrime has long since become professionalised. Particularly on the rise: <\/p>\n
Ransomware-as-a-Service (RaaS): Criminal groups offer ready-made attack packages, including support and payment systems \u2013 a \u2018business model\u2019 that was already responsible for over 60% of all ransomware attacks in 2024.<\/p>\n
Deepfakes and AI-generated phishing emails: Attacks are becoming more credible because artificial intelligence is capable of imitating communication styles \u2013 even internally. This dramatically increases the success rate of social engineering. <\/p>\n
Supply chain attacks: Attackers target not only the company itself, but also its IT service providers, software suppliers or hosting partners \u2013 often the weakest link in the chain.<\/p>\n
So the big question is no longer: Is my company a target? But rather: Am I prepared when the attack comes?<\/p>\n
\ud83d\udd10 3. Zero Trust, XDR, MFA & Co. \u2013 How does modern security work?<\/h2>\n
Moderne Sicherheitsarchitekturen setzen nicht mehr auf Perimeterverteidigung allein. Stattdessen dominieren diese Ans\u00e4tze: <\/p>\n
\ud83d\udd10 3. Zero Trust, XDR, MFA & Co. \u2013 How does modern security work? <\/p>\n
Extended Detection & Response (XDR): Traditional AV solutions are no longer sufficient. XDR combines telemetry data from various IT areas (network, endpoints, cloud) to detect even complex attack patterns in real time. <\/p>\n
MFA, PAM & BYOD rules: Multi-factor authentication, privileged access management and a clear policy for private devices (Bring Your Own Device) will become the minimum standard in 2025.<\/p>\n
What is often overlooked is that the most effective measures are not necessarily the most expensive ones, but rather those that are best integrated into processes.<\/p>\n<\/div>
<\/div><\/div><\/span>\u2696\ufe0f 4. Regulation on the rise: NIS2, DORA and Co.<\/h2><\/h2><\/span><\/div><\/div><\/div>In 2025, several regulatory requirements will come into force that may also affect small and medium-sized enterprises \u2013 either directly or indirectly through their role as service providers or suppliers:<\/p>\n
NIS2 Directive (EU): Far-reaching requirements for cybersecurity, risk analysis, business continuity and reporting obligations. It affects not only critical infrastructures, but also many medium-sized companies \u2013 often without their knowledge. What NIS2 requires:<\/strong><\/p>\n\n- Clear responsibilities for IT security<\/li>\n
- Risk management & business continuity<\/li>\n
- Incident response processes<\/li>\n
- Documentation and reporting requirements<\/li>\n
- Regular review and improvement of protective measures<\/li>\n<\/ul>\n
And what happens if you don’t comply: hefty fines of up to \u20ac10 million or 2% of annual turnover \u2013 and potentially massive damage to your reputation.<\/p>\n
Digital Operational Resilience Act (DORA): IT risk management is becoming a legally binding discipline for all companies in the financial and insurance sectors, including IT service providers in these industries.<\/p>\n
Cyber Resilience Act: Emphasises the responsibility of manufacturers and software providers to deliver secure products. This affects entire ecosystems and supply chains. <\/p>\n
Actively addressing these requirements is important not only for compliance reasons, but also because they provide a useful framework for IT security strategy.<\/p>\n<\/div>
<\/div><\/div><\/span>\ud83d\udcc9 5. The human factor: Lack of expertise becomes a risk<\/h2><\/h2><\/span><\/div><\/div><\/div>Despite technical advances, one thing remains constant:<\/p>\n
The biggest weak spot is sitting in front of the screen.<\/strong> This applies to social engineering as well as to faulty configurations.<\/p>\nBut who should take responsibility when:<\/p>\n
\n- IT managers repairing printers, patching servers and maintaining ERP systems all at the same time?<\/li>\n
- No time for further training?<\/li>\n
- Is there a lack of awareness on the part of management?<\/li>\n<\/ul>\n
According to a Bitkom study from 2024, 68% of SMEs say that they cannot build up enough security expertise internally. And yet many companies shy away from seeking external support \u2013 for fear of costs, loss of control or complexity. <\/p>\n<\/div>
<\/span><\/div><\/div><\/div><\/span>\ud83d\udee0\ufe0f 6. Pragmatic solutions \u2013 what really works<\/h2><\/h2><\/span><\/div><\/div><\/div>We see in practice that the decisive difference is not the budget, but the courage to implement a structured approach. What works is not a huge project, but a clear, realistic roadmap. <\/p>\n
1. Security assessment as a starting point<\/h3>\n
Where do you really stand? Which systems are exposed? What are your crown jewels? A technical and organisational check provides the answers. <\/p>\n
2. Prioritise protective measures<\/h3>\n\n- Not all at once. Instead: <\/li>\n
- MFA (multi-factor authentication)<\/li>\n
- Patch management<\/li>\n
- network segmentation<\/li>\n
- Logging & Monitoring<\/li>\n
- Basic protection for end devices<\/li>\n<\/ul>\n
3. Raising awareness \u2013 internally and externally<\/h3>\n
Training courses are not a chore, but a survival strategy. A well-informed employee is more valuable than any firewall. <\/p>\n
4. Clarify responsibilities<\/h3>\n
Who makes decisions in an emergency? Who reports incidents? IT security requires defined roles \u2013 not gut feelings. <\/p>\n
5. Understand external support not as a weakness, but as a strategy<\/h3>\n
An external IT security partner can provide specialised expertise \u2013 scalable, controllable, efficient. From 24\/7 monitoring and vulnerability scans to support with NIS2 audits. <\/p>\n<\/div><\/div><\/div><\/div><\/div>
<\/div><\/div><\/span>\ud83e\udde9 Case study 7 (November 2023\/2024)<\/h2><\/h2><\/span><\/div><\/div><\/div>Company: Nordwest Handel AG, Dortmund Industry: Wholesale & logistics Size: approx. 1,200 employees, over 1,000 specialist retail partners Date of incident: November 2023 Type of attack: Ransomware attack with partial data encryption<\/p>\n
Causes & weak points<\/h3>\n
Specific technical details have not been made public for understandable reasons. However, it is known that the attack was not carried out via social engineering or phishing, but presumably via a technical vulnerability in the system \u2013 an indication of exploitable attack paths in third-party software or insufficiently secured services. <\/p>\n
Consequences of the attack:<\/h3>\n\n- Temporary shutdown of essential IT services<\/li>\n
- Slowed down or halted ordering and logistics processes<\/li>\n
- Emergency operation with manual support<\/li>\n
- High organisational effort required for recovery<\/li>\n
- Internal resource allocation and external costs<\/li>\n
- The financial damage has not been publicly quantified, but is likely to have been significant given the company’s role in the supply chain.<\/li>\n<\/ul>\n
Lessons learned from the incident:<\/h3>\n
This incident exemplifies:<\/p>\n
\n- Even established B2B companies with their own IT teams are vulnerable.<\/strong><\/li>\n
- Small and medium-sized enterprises are increasingly becoming the focus of professional cybercriminals.<\/li>\n
- Protection provided by traditional antivirus solutions is no longer sufficient.<\/li>\n
- Without contingency plans, backup strategies and external support, companies can quickly become overwhelmed.<\/li>\n<\/ul>\n<\/div><\/div><\/div><\/div><\/div>
Cybercrime has long since become professionalised. Particularly on the rise: <\/p>\n
Ransomware-as-a-Service (RaaS): Criminal groups offer ready-made attack packages, including support and payment systems \u2013 a \u2018business model\u2019 that was already responsible for over 60% of all ransomware attacks in 2024.<\/p>\n
Deepfakes and AI-generated phishing emails: Attacks are becoming more credible because artificial intelligence is capable of imitating communication styles \u2013 even internally. This dramatically increases the success rate of social engineering. <\/p>\n
Supply chain attacks: Attackers target not only the company itself, but also its IT service providers, software suppliers or hosting partners \u2013 often the weakest link in the chain.<\/p>\n
So the big question is no longer: Is my company a target? But rather: Am I prepared when the attack comes?<\/p>\n
\ud83d\udd10 3. Zero Trust, XDR, MFA & Co. \u2013 How does modern security work?<\/h2>\n
Moderne Sicherheitsarchitekturen setzen nicht mehr auf Perimeterverteidigung allein. Stattdessen dominieren diese Ans\u00e4tze: <\/p>\n
\ud83d\udd10 3. Zero Trust, XDR, MFA & Co. \u2013 How does modern security work? <\/p>\n
Extended Detection & Response (XDR): Traditional AV solutions are no longer sufficient. XDR combines telemetry data from various IT areas (network, endpoints, cloud) to detect even complex attack patterns in real time. <\/p>\n
MFA, PAM & BYOD rules: Multi-factor authentication, privileged access management and a clear policy for private devices (Bring Your Own Device) will become the minimum standard in 2025.<\/p>\n
What is often overlooked is that the most effective measures are not necessarily the most expensive ones, but rather those that are best integrated into processes.<\/p>\n<\/div>
\u2696\ufe0f 4. Regulation on the rise: NIS2, DORA and Co.<\/h2><\/h2><\/span><\/div><\/div><\/div>In 2025, several regulatory requirements will come into force that may also affect small and medium-sized enterprises \u2013 either directly or indirectly through their role as service providers or suppliers:<\/p>\n
NIS2 Directive (EU): Far-reaching requirements for cybersecurity, risk analysis, business continuity and reporting obligations. It affects not only critical infrastructures, but also many medium-sized companies \u2013 often without their knowledge. What NIS2 requires:<\/strong><\/p>\n\n- Clear responsibilities for IT security<\/li>\n
- Risk management & business continuity<\/li>\n
- Incident response processes<\/li>\n
- Documentation and reporting requirements<\/li>\n
- Regular review and improvement of protective measures<\/li>\n<\/ul>\n
And what happens if you don’t comply: hefty fines of up to \u20ac10 million or 2% of annual turnover \u2013 and potentially massive damage to your reputation.<\/p>\n
Digital Operational Resilience Act (DORA): IT risk management is becoming a legally binding discipline for all companies in the financial and insurance sectors, including IT service providers in these industries.<\/p>\n
Cyber Resilience Act: Emphasises the responsibility of manufacturers and software providers to deliver secure products. This affects entire ecosystems and supply chains. <\/p>\n
Actively addressing these requirements is important not only for compliance reasons, but also because they provide a useful framework for IT security strategy.<\/p>\n<\/div>
<\/div><\/div><\/span>\ud83d\udcc9 5. The human factor: Lack of expertise becomes a risk<\/h2><\/h2><\/span><\/div><\/div><\/div>Despite technical advances, one thing remains constant:<\/p>\n
The biggest weak spot is sitting in front of the screen.<\/strong> This applies to social engineering as well as to faulty configurations.<\/p>\nBut who should take responsibility when:<\/p>\n
\n- IT managers repairing printers, patching servers and maintaining ERP systems all at the same time?<\/li>\n
- No time for further training?<\/li>\n
- Is there a lack of awareness on the part of management?<\/li>\n<\/ul>\n
According to a Bitkom study from 2024, 68% of SMEs say that they cannot build up enough security expertise internally. And yet many companies shy away from seeking external support \u2013 for fear of costs, loss of control or complexity. <\/p>\n<\/div>
<\/span><\/div><\/div><\/div><\/span>\ud83d\udee0\ufe0f 6. Pragmatic solutions \u2013 what really works<\/h2><\/h2><\/span><\/div><\/div><\/div>We see in practice that the decisive difference is not the budget, but the courage to implement a structured approach. What works is not a huge project, but a clear, realistic roadmap. <\/p>\n
1. Security assessment as a starting point<\/h3>\n
Where do you really stand? Which systems are exposed? What are your crown jewels? A technical and organisational check provides the answers. <\/p>\n
2. Prioritise protective measures<\/h3>\n\n- Not all at once. Instead: <\/li>\n
- MFA (multi-factor authentication)<\/li>\n
- Patch management<\/li>\n
- network segmentation<\/li>\n
- Logging & Monitoring<\/li>\n
- Basic protection for end devices<\/li>\n<\/ul>\n
3. Raising awareness \u2013 internally and externally<\/h3>\n
Training courses are not a chore, but a survival strategy. A well-informed employee is more valuable than any firewall. <\/p>\n
4. Clarify responsibilities<\/h3>\n
Who makes decisions in an emergency? Who reports incidents? IT security requires defined roles \u2013 not gut feelings. <\/p>\n
5. Understand external support not as a weakness, but as a strategy<\/h3>\n
An external IT security partner can provide specialised expertise \u2013 scalable, controllable, efficient. From 24\/7 monitoring and vulnerability scans to support with NIS2 audits. <\/p>\n<\/div><\/div><\/div><\/div><\/div>
<\/div><\/div><\/span>\ud83e\udde9 Case study 7 (November 2023\/2024)<\/h2><\/h2><\/span><\/div><\/div><\/div>Company: Nordwest Handel AG, Dortmund Industry: Wholesale & logistics Size: approx. 1,200 employees, over 1,000 specialist retail partners Date of incident: November 2023 Type of attack: Ransomware attack with partial data encryption<\/p>\n
Causes & weak points<\/h3>\n
Specific technical details have not been made public for understandable reasons. However, it is known that the attack was not carried out via social engineering or phishing, but presumably via a technical vulnerability in the system \u2013 an indication of exploitable attack paths in third-party software or insufficiently secured services. <\/p>\n
Consequences of the attack:<\/h3>\n\n- Temporary shutdown of essential IT services<\/li>\n
- Slowed down or halted ordering and logistics processes<\/li>\n
- Emergency operation with manual support<\/li>\n
- High organisational effort required for recovery<\/li>\n
- Internal resource allocation and external costs<\/li>\n
- The financial damage has not been publicly quantified, but is likely to have been significant given the company’s role in the supply chain.<\/li>\n<\/ul>\n
Lessons learned from the incident:<\/h3>\n
This incident exemplifies:<\/p>\n
\n- Even established B2B companies with their own IT teams are vulnerable.<\/strong><\/li>\n
- Small and medium-sized enterprises are increasingly becoming the focus of professional cybercriminals.<\/li>\n
- Protection provided by traditional antivirus solutions is no longer sufficient.<\/li>\n
- Without contingency plans, backup strategies and external support, companies can quickly become overwhelmed.<\/li>\n<\/ul>\n<\/div><\/div><\/div><\/div><\/div>
In 2025, several regulatory requirements will come into force that may also affect small and medium-sized enterprises \u2013 either directly or indirectly through their role as service providers or suppliers:<\/p>\n
NIS2 Directive (EU): Far-reaching requirements for cybersecurity, risk analysis, business continuity and reporting obligations. It affects not only critical infrastructures, but also many medium-sized companies \u2013 often without their knowledge. What NIS2 requires:<\/strong><\/p>\n And what happens if you don’t comply: hefty fines of up to \u20ac10 million or 2% of annual turnover \u2013 and potentially massive damage to your reputation.<\/p>\n Digital Operational Resilience Act (DORA): IT risk management is becoming a legally binding discipline for all companies in the financial and insurance sectors, including IT service providers in these industries.<\/p>\n Cyber Resilience Act: Emphasises the responsibility of manufacturers and software providers to deliver secure products. This affects entire ecosystems and supply chains. <\/p>\n Actively addressing these requirements is important not only for compliance reasons, but also because they provide a useful framework for IT security strategy.<\/p>\n<\/div> Despite technical advances, one thing remains constant:<\/p>\n The biggest weak spot is sitting in front of the screen.<\/strong> This applies to social engineering as well as to faulty configurations.<\/p>\n But who should take responsibility when:<\/p>\n According to a Bitkom study from 2024, 68% of SMEs say that they cannot build up enough security expertise internally. And yet many companies shy away from seeking external support \u2013 for fear of costs, loss of control or complexity. <\/p>\n<\/div> We see in practice that the decisive difference is not the budget, but the courage to implement a structured approach. What works is not a huge project, but a clear, realistic roadmap. <\/p>\n Where do you really stand? Which systems are exposed? What are your crown jewels? A technical and organisational check provides the answers. <\/p>\n Training courses are not a chore, but a survival strategy. A well-informed employee is more valuable than any firewall. <\/p>\n Who makes decisions in an emergency? Who reports incidents? IT security requires defined roles \u2013 not gut feelings. <\/p>\n An external IT security partner can provide specialised expertise \u2013 scalable, controllable, efficient. From 24\/7 monitoring and vulnerability scans to support with NIS2 audits. <\/p>\n<\/div><\/div><\/div><\/div><\/div> Company: Nordwest Handel AG, Dortmund Industry: Wholesale & logistics Size: approx. 1,200 employees, over 1,000 specialist retail partners Date of incident: November 2023 Type of attack: Ransomware attack with partial data encryption<\/p>\n Specific technical details have not been made public for understandable reasons. However, it is known that the attack was not carried out via social engineering or phishing, but presumably via a technical vulnerability in the system \u2013 an indication of exploitable attack paths in third-party software or insufficiently secured services. <\/p>\n This incident exemplifies:<\/p>\n\n
\ud83d\udcc9 5. The human factor: Lack of expertise becomes a risk<\/h2><\/h2><\/span>
\n
<\/span><\/div>\ud83d\udee0\ufe0f 6. Pragmatic solutions \u2013 what really works<\/h2><\/h2><\/span>
1. Security assessment as a starting point<\/h3>\n
2. Prioritise protective measures<\/h3>\n
\n
3. Raising awareness \u2013 internally and externally<\/h3>\n
4. Clarify responsibilities<\/h3>\n
5. Understand external support not as a weakness, but as a strategy<\/h3>\n
\ud83e\udde9 Case study 7 (November 2023\/2024)<\/h2><\/h2><\/span>
Causes & weak points<\/h3>\n
Consequences of the attack:<\/h3>\n
\n
Lessons learned from the incident:<\/h3>\n
\n