Written by Uwe Sievers
This year, it-sa was once again held as an in-person trade fair complemented by digital formats on the it-sa 365 dialogue platform. More than 270 exhibitors and some 5,200 trade visitors met in Nuremberg to discuss the latest trends in cybersecurity. These include cloud solutions as well as new protection concepts against ransomware, which is a growing threat.
The latest Situation Report on Cybercrime by the German Federal Criminal Police Office is decidedly unsettling. It states that the number of cybercrimes recorded grew by around 8 percent in 2020 while the clearance rate remained at about a third.
The German state of Hesse checked all 422 of its municipalities in the summer. What it found was that 74 percent had experienced dangerous security problems, partly as a result of obsolete software and partly due to inadequately protected database systems.
The Mecklenburg-Vorpommern district of Ludwigslust-Parchim was a recent victim of a ransomware attack by cybercriminals. Malware infiltrated the systems of the municipal IT service provider and shut down large sections of public administration in Schwerin and its surroundings. As a consequence, public authorities and other municipal institutions had to be closed.
One way in which companies and public institutions are responding is by increasing their security budgets. According to a study conducted by the market research institute IDC and commissioned by the industry association Bitkom, over six billion euros are being spent in Germany in 2021. This raises the sector’s profits to an all-time high.
Many exhibitors at it-sa 2021 took advantage of the event to present their innovations live. For example, the latest trends include the growing “migration” of security to the cloud and new methods of endpoint security.
More and more, companies are turning to the cloud. This creates security risks that users tend to underestimate and that companies can’t fully monitor. Appropriate technological solutions are in demand and are available thanks to SASE (Secure Access Service Edge). Multiple providers presented products that use this technology at it-sa. Simply put, the principle behind SASE is to shift control from on-premise web gateways to a SASE provider in the cloud. This provider combines the monitoring of web page accesses with a firewall, filters for malware downloads, access regulations and more. Good providers have highly up-to-date lists of malicious websites that can be blocked as soon as they become known. This greatly reduces the risk that phishing e-mails will infect the company with malware as a result of one wrong click. Some options go even further: “Websites that are accessed can be rendered directly in the SASE cloud and the result transferred to the user only as an image,” explains Stefan Strobel from the consulting firm cirosec. This protects users against negative effects from any elements hidden in the site and prevents downloads of third-party modules. Website providers are no longer controlled directly from the browser but only from the SASE proxy, which also increases data security because almost no personal or browser-specific data is transmitted.
The above-mentioned example of Mecklenburg-Vorpommern illustrates the escalating threat of ransomware. Providers are responding with new developments. For example, they’re installing a sort of safety net in front of mass storage. When ransomware tries to encrypt large numbers of files, the process is immediately interrupted and the damage kept to a minimum – but without completely deactivating mass storage. Instead, only infected clients are separated out and unaffected clients can continue operating. The manufacturers of storage systems have now recognised the need for security measures and, to a certain extent, are already integrating these products into their systems.
Another trend is abbreviated XDR. It represents an extension of the technology known as EDR (Endpoint Detection and Response) and essentially extends it with cloud elements – hence the name, Extended Detection and Response or XDR. The purpose is to further automate incident analysis, improve the mapping of interrelationships across clients and implement measures more efficiently. Although almost all providers of products formerly designated as antivirus solutions use this acronym, implementations differ greatly.
This year’s winner of the it-sa UP21@it-sa Award is XignSys , which has come up with an innovative identity solution. The goal is authentication without passwords – for example, for citizen-oriented services in the public sector, such as departments and authorities. CEO and co-founder Markus Hertlein describes the in-house development as follows: “With Xign.Me, we’ve developed a higher-level identity broker that serves as an end-user solution on smartphones and cooperates with the XignIn server component.” However, this identity verification can also be used by companies. “If a municipal utility already has the user data and uses it, for example, for billing electricity usage, a car sharing provider could be connected via the broker and use the data to perform customer identification,” explains Hertlein. The benefit for customers is that they don’t have to provide additional personal data. In this example, verification is performed at the municipal utility and the car sharing company receives only the results. This solution was recently reviewed by the German Federal Office for Information Security (BSI) with positive results.
