Steinbeis experts offer specialist training to SMEs
Whereas large companies and corporations have internal security experts to turn to in the event of an IT security incident, small and medium-sized enterprises (SMEs) have to fend for themselves. But without the required expertise, it’s common for incidents to be misjudged and as a result, inappropriate corrective measures are introduced. As part of a cybersecurity network coordinated by the German Federal Office for Information Security (BSI), the Steinbeis Consulting Center for Digitization, Management and IT helps companies provide staff with training to qualify as incident experts.
Business surveys confirm that companies want holistic responses to emergencies based on the following:
- A central emergency number for IT security issues
- Rapid and detailed information in the event of actual damage
- Access to information packages, including a list of reliable contacts in the event of an emergency
- Rapid, individual help in the wake of an IT security incident
This is where the BSI’s cybersecurity network comes in. The aim of the network is to establish a decentralized nationwide structure offering efficient and inexpensive support not just to SMEs, but also to members of the general public in the event of IT security incidents.
Becoming an incident expert with Steinbeis
The BSI’s role as the cybersecurity authority for the German state, the business community, and society overall is to build reactive competences, particularly for small and medium-sized enterprises. Aside from incident experts and providers of training services, a central role is played by so-called digital first responders. Their job is to make a qualified assessment of IT security incidents, to provide first aid to targets in the event of minor IT malfunctions and incidents, and to supply initial recommendations for required actions. The Waiblingen-based Steinbeis Consulting Center for Digitization, Management and IT provides training to incident experts on behalf of the BSI.
Starting in September 2021, the experts at Steinbeis will be running three-day training courses to become an incident expert, covering the topics of launching “digital rescue chains,” the responsibilities and tasks of an incident expert, and procedures for handling incidents in the event of actual damage. Training includes modules on attack scenarios, first response, countermeasures, remote and on-site support, and standard procedures.
After completion of the training, participants can undergo individual certification through the cybersecurity network of the BSI. Certification provides a stepping stone for incident experts to be adopted on the BSI’s cybersecurity network list.
Prof. Dr. Matthias Mehrtens (author)
Steinbeis Consulting Center for Digitalization, Management and IT (Waiblingen)