We recently had the opportunity to sit down with Michael Sonne, CIO of Software AG, and asked him how phishing attacks are concerning every industry.
Safety Detectives: What has your journey to your current job been?
Michael Sonne: My journey has been full of exciting opportunities and experiences, in the last (almost) two years at Software AG, we have continued to accelerate our business and transform IT, so it is an exciting place to be. My previous experience which has led me here comprises 12 years as a CIO in Information Technology, including exciting opportunities to work in executing IT strategy, building digital platforms, business processes, and IT service management. From the start of my career over 20 years ago as network manager, I have witnessed the IT world change astronomically, and with this comes exciting new opportunities and I continue to learn every day. Since I spent many years in the online business as a CIO developing digital platforms, the topic of cyber security in all its facets has always accompanied me and I was also able to experience the various stages of evolution here.
SD: What do you love about working in cybersecurity?
MS: Cybersecurity is a fast-emerging topic, even more so with the last two years and a shift in the working environment for many businesses. With this, the cyber security world is ever-changing, which means that we need state-of-the-art technology and innovation to be on top of our game. This is a constant challenge and one which I’m very passionate about.
In addition, more than ever before, cybercrime is becoming a rapidly growing real business model against which all kinds of companies need to be well prepared and I love to prepare our environment to defeat the dark side of power.
SD: What are the worst cyberthreats out there today?
MS: It’s a tricky question. My first reaction would be—the ones you don’t know! (E.g., zero-day exploit, etc.)
But to be a little bit more precise, Cyberthreats are constantly changing and becoming more sophisticated, we are facing different challenges around every corner. Today, we see an increase in phishing attacks which account for around 90% of all breaches companies face—growing over 65% in the last year.
These threats highlight how important it is to invest in cybersecurity and training to keep people and businesses secure.
SD: How is the pandemic changing cybersecurity for the future?
MS: From my perspective and without counting the increasing number of e.g., phishing attacks, not so much at all. Your systems should have been secured also before the pandemic.
But the pandemic has forced companies’ networks, business plans, and digital transformation to new places. With this change, comes more risk and exposure to cybercrime and especially awareness training is even more important because the employees work remotely in the home office, where it is more difficult to reach them and to keep the awareness high, especially since some employees can be distracted more often by their family situation or living environment, for example, and thus careless mistakes such as a quick click on a link in a phishing email can creep in.
So our work-life has changed, and the emerging “work from anywhere” approach in a lot of businesses will continue to complicate cybersecurity.
And new digital tools we use in this approach present new risks, and cybersecurity has never been more important.