When you ask CIOs about their most pressing issues, cybersecurity is often at the top of the list. This is also the case for Harald Berger, CIO of the Freudenberg Group and long-time CIOMover.
The threat posed by cybercrime is countered by a persistent shortage of skilled workers, which drastically exacerbates the problems of IT and IT security departments in companies. The market for security specialists is empty, “we can’t even find people through headhunters,” Harald Berger laments the situation. His solution: outsourcing.
A look at the figures shows that the concerns are justified: A good three quarters of all companies in Germany, for example, had problems filling their IT vacancies in 2021. In 2016, it was about half, in 2019 about two-thirds.
This correlates with an increase in IT security incidents: Last year, 15 percent of all companies in Germany were exposed to critical situations. In 2018, it was only nine percent. And attacks alone cause damage to the German economy of around 200 billion euros per year, and the trend is rising.
On the one hand, this situation calls for investments in IT security to technically secure the IT infrastructure. Automation, zero trust, data-driven security analyses, artificial intelligence: there are many ways to take the initiative. They all work to improve security without increasing the workload of employees.
Outsourcing IT security tasks, as favoured by Harald Berger, is another option that is rarely used, albeit for reasons that are difficult to understand: only a quarter of all companies surveyed by Bitdefender for the “Cybersecurity Posture Survey Looking Forward 2023” outsource IT security tasks to an MSP, an MSSP or an MDR service provider. Another 13 percent are thinking about it. A whopping 61 per cent, however, cannot imagine doing so.
“The fact that outsourcing IT security is not an issue for two-thirds of the respondents may be understandable due to concerns about the intellectual property of data and compliance,” comments Jörg von der Heydt from Bitdefender. Nevertheless, he expresses surprise at this, “because no one can provide IT security on their own. Only platform security and outside help provide sufficient IT security.”
“At the moment, no one can do without partners,” says Harald Berger. “We can’t recruit or develop staff at will, so it’s logical for us to bring in outside support.” With this help, Harald is counting on strengthening the bread-and-butter business of IT security, because for him it’s all about the hard skills – in addition to improving awareness – that have been neglected for too long. “It’s about recognising attack attempts as early as possible and securing networks against such attacks, but also against the carelessness of one’s own employees.”
Dr Harald Berger is an experienced Group Chief Information Officer with a demonstrated history of working in the Information Technology and Consumer Products industry.
Harald is skilled in Strategic IT Management, Customer Relationship and Supply Chain Management, Human Resources, Organisational Development and cross-functional Team Leadership. He enjoys the personal interaction with different organisations, people and cultures. In his private life Harald likes fitness, cycling and mountain climbing as well as good food, wine and whiskey.