“Always having a finger on the pulse”: The challenge of cybersecurity

The number of cyber attacks worldwide has been on the rise for years. In Germany alone, cybercrime costs companies billions in damages. It’s cyber professionals like Daniel Sauder whose job it is to take up with attackers – week in and week out. However, the attacks are becoming more and more sophisticated and more and more rapid. Read on to find out how the Head of Offensive Security & Security Enablement and his team at thyssenkrupp continue to outsmart these attackers.

The figures are alarming: the IT company Cybersecurity Ventures estimates that cybercrime cost six trillion dollars in damages in 2021. By 2025, losses could rise to 10.5 trillion dollars. But companies have already reacted and invested significantly in cybersecurity measures and the corresponding workforce. This is also hugely important. Because the attacks are becoming increasingly professional - and the ones behind the attacks increasingly better at what they do.

What would happen if thyssenkrupp didn’t have its own Cyber Security team? That’s something that Daniel Sauder would rather not think about. He has been responsible for “Offensive Security & Security Enablement” at thyssenkrupp’s Solution Centre for Cyber Security since 2021. “One thing is a given: cyber attacks would increase, and ransomware problems and industrial espionage would increase significantly,” says Daniel. “This would lead to a breakdown in production and economic losses. Fraudulent activity would become more prevalent as would attacks on websites and infrastructure.”

A license to hack

The Solution Centre for Cyber Security at thyssenkrupp was founded to prevent this exact thing from happening. Daniel’s responsibilities as Head of Offensive Security & Security Enablement include disciplines such as “Penetration Testing” and “Vulnerability Management”. When it comes to penetration testing, or “pen testing” as it’s otherwise known, cyber professionals manually test their own systems for security vulnerabilities. Vulnerability management, on the other hand, is concerned with identifying and remedying vulnerabilities in cyber infrastructure. “We have overcome countless challenges here over the years. Both technical and organisational in nature,” Daniel reveals.

Daniel is a senior IT professional himself. From 2004 to 2012, the now 44-year-old was responsible for network and server administration, programming websites and databases, and working in IT support. In 2012, he specialised in cyber security: he worked as a penetration tester from 2012 to 2015, a “licensed hacker” if you will. He gained legal access to IT systems in order to detect their security vulnerabilities. And then, in 2015, Daniel started working for thyssenkrupp. Until his promotion in 2021, he supported the Computer Emergency Response Team (CERT) in Essen as a CERT Specialist; there, teams of experts were deployed to find solutions to specific IT security incidents.

The great challenge for Daniel and his team was that cyber attacks could be carried out anonymously from anywhere in the world and attackers could cover their tracks relatively easily. And increasing digitalisation is not exactly helping the threat situation either. After all, the increasing number of systems that are connected to the company’s network increases the likelihood of an attack. This is why Daniel has long since forgotten what an average workday looks like: “Every day comes with its own new set of challenges.”

The proverbial well-oiled machine

“The whole world of cyber security is very fast-paced,” Daniel reveals. "We constantly have to adapt to new threats and scenarios, and keen a finger on the pulse. One of the things we do to stay ahead of the curve is attend training sessions and conferences. But what’s most important to us is the intensive networking we do with other experts and the various websites and blogs we use to stay up-to-date.” This is where many recognized experts share up-to-date information on critical threats and vulnerabilities.

Daniel has long seen the game of cat-and-mouse he plays with cyber criminals as more than just a job. It is a huge challenge and a passion that is just as fascinating. "It’s not just technical problems and solutions," Daniel explains. "It's also the challenges on the organisational and communication level that excite me.”

Daniel can really count on his excellently trained and highly motivated team. "Our teams are characterised by high levels of expertise and commitment, and a strong sense of identification. We are very much the proverbial well-oiled machine. It simply wouldn’t work without the staff at our sites in Essen and Gdańsk".

Does the topic of cybersecurity fascinate you? Are you looking for a challenge that is more than just a job? Then visit our job board for exciting job advertisements in IT and cyber security!