News & Insights
SECURITY INSIGHTS
01 July 2022
Trending Topics cybersecurity – June 2022
BSI President Arne Schönbohm sees a significantly heightened threat level due to cyberattacks in Germany. In June, municipal institutions, energy suppliers as well as political parties and federal authorities were among the targets of cybercriminals.
SECURITY INSIGHTS
01 April 2022
Hackers use Spring4Shell exploit for remote code execution
Hackers are using the Spring4Shell vulnerability to inject malicious code onto vulnerable servers, posing the threat of major damage. Learn here how Myra protects against the new threat.
SECURITY INSIGHTS
21 March 2022
Risks in BaFin’s Focus 2022: Supervisory Authority Wants to Intensify Dedicated IT Audits
Cyber incidents pose a growing threat to the financial industry. BaFin is responding to this development with tighter IT controls and enforcement measures.
SECURITY INSIGHTS
28 February 2022
Supervisory authorities step up data protection controls in the public sector
EU supervisory authorities have launched a comprehensive investigation into cloud use in the public sector. The objective is to uncover and remedy any breaches of data protection.
SECURITY INSIGHTS
24 January 2022
Log4J vulnerability: internet on red alert
The critical “Log4Shell” vulnerability in the Java Log4J library enables attackers to inject malicious code on web servers and inflict massive damage. Find out everything you need to know about the vulnerability and how you can protect yourself.
SECURITY INSIGHTS
21 January 2022
Cyber incidents are the greatest risk to companies
Allianz rates cyber incidents caused by attacks or technical failures as the most significant risk for companies in 2022.
SECURITY INSIGHTS
01 December 2021
Operational resilience: BaFin puts even greater focus on cybersecurity
BaFin has set itself the goal of strengthening the operational resilience of the financial industry. An important part of this is the digital safeguarding of banks, insurance companies, and affiliated service providers.
SECURITY INSIGHTS
28 October 2021
Regulators take action against unauthorized use of U.S. cloud service providers
In an interview, KPMG legal expert Sebastian Hoegl reveals how Europeancompanies can best respond when they get a letter from the data protection authority or have concerns about whether they are violating data protection provisions by using U.S. cloud service providers.
SECURITY INSIGHTS
14 October 2021
A scalpel, not a shotgun: DDoS extortion with increasing precision
Extortionists are increasingly targeting cash-rich companies in critical sectors such as finance and healthcare. Having preventive protection for operational business is therefore crucial.
SECURITY INSIGHTS
27 August 2021
223 billion euros in damage caused by cyber attacks – why the number of unreported cases is much higher
When critical infrastructure is attacked, the actual damage is far greater. That is why the protection of critical infrastructure is fundamental to the well-being of us all.
SECURITY INSIGHTS
26 August 2021
BaFin revises MaRisk and BAIT: Higher compliance requirements for banks
In light of advancing digitization, cybersecurity is becoming an even greater focus of supervisory attention. Institutions must prepare for new or more specific regulations related to outsourcing, contingency management, and effectiveness controls, for example.
SECURITY INSIGHTS
18 August 2021
The lessons from the cyber disaster in Anhalt-Bitterfeld
For maximum security, existing protective measures should be continuously reviewed and adapted. Specialized service providers can help with this.
SECURITY INSIGHTS
02 June 2021
Digital bank heists: Bonnie and Clyde would be hackers today
These days, bank robbers are no longer armed with a handgun nor wear a hood – a laptop and just a bit of criminal energy are often all that’s needed.
SECURITY INSIGHTS
19 May 2021
IT security creates a foundation of trust for e-health solutions
In the healthcare sector, digital solutions are increasingly being used in administration, diagnostics, and treatment. Security and data protection are given top priority in order to promote social acceptance of e-health.
SECURITY INSIGHTS
12 May 2021
Financial regulator steps up controls on IT and cybersecurity
In light of advancing digitalization, cyber risks are becoming an even greater focus for BaFin. The supervisory authority is paying particular attention to the outsourcing of IT services.
SECURITY INSIGHTS
20 November 2021
Cyber insurance: DDoS and blackmail cause the most expensive damage
While external attacks account for the majority of the damage, internal incidents are the most common cause of cyber damage—but with a lower financial impact.
SECURITY INSIGHTS
02 November 2020
Cyber warfare: US military succeeds in strike against the TrickBot botnet
The U.S. Cyber Command has temporarily disrupted the botnet allegedly controlled by Russian cyber criminals to prevent it from impacting the U.S. presidential election.
SECURITY INSIGHTS
26 October 2020
BSI report: “Threat situation in the KRITIS sector remains at a high level”
CRITIS operators across sectors face DDoS and ransomware attacks in particular. Complex DDoS attacks on banks caused disruptions in payment transactions.
SECURITY INSIGHTS
05 October 2020
Lives depend on cybersecurity in critical infrastructures
A ransomware attack brought down key systems at the University Hospital of Düsseldorf. Due to limited operations, there were major restrictions in patient care – with tragic consequences.
SECURITY INSIGHTS
03 September 2020
BaFin demands higher hurdles for IT outsourcing
Raimund Röseler, BaFin Executive Director for Banking Supervision, is in favor of IT outsourcing to qualified service providers. However, he is calling for the right of direct control over the service providers. Banks must choose their IT partners with care.
SECURITY INSIGHTS
15 July 2020
Digitization in healthcare in demand as never before
International studies show that patients are increasingly demanding digital treatment methods such as telemedicine, health apps or AI-supported diagnosis programs. However, IT security, data protection and compliance are the basis for successful digitization in the healthcare sector.
