IT Solutions - Oct 7, 2021

Three steps for more IT security: Prevention. Detection. Reaction.

Modern security concepts start with security awareness and include a holistic approach that encompasses these three pillars: Prevention. Detection. Reaction. Only with the help of this triad can companies effectively protect themselves against data theft, sabotage and extortion. In addition, companies must involve their management and adopt a strategic approach: This is the only way to turn an often unloved mandatory exercise into a key factor for the future.

Written by

Deputy Director Corporate Communications


From phishing and blackmail with ransomware to website attacks, the darknet and Crime as a Service, cybercriminals are expanding their methods and scope. One thing is for sure: no part of the enterprise is left untouched, particularly as hackers are increasingly focussing their attention on critical infrastructures. These are organisations and facilities of significant importance for communities, the failure or impairment of which would result in long-lasting supply bottlenecks, significant disruptions to public safety or other dramatic consequences. In 2020, there were precisely 419 KRITIS reports from 1,700 registered KRITIS sites. That means a quarter suffered a cyberattack.

So, what can be done to deal with the threat?

Security begins with raising awareness among employees. Having a sophisticated security operations centre is useless if employees open e-mails from unknown sources, open attachments or plug a USB stick they found in the car park into a wholly unprotected PC. Prevention is so important because it is one step towards protecting the IT infrastructure, regardless of whether that is on-premises or in the cloud.

Security @Bechtle – facts and figures.

With more than 280 IT security specialists working in 16 dedicated Competence Centres and 14 other security teams, Bechtle is an important partner for many customers when it comes to security. As a leading IT system house, Bechtle has a wide range of vendor partners covering everything from application security and infrastructure protection to tailored Managed Security Services.

Multi-cloud architectures often leverage cloud-native security vendor solutions that have been developed from the ground up for new application environments and are therefore free from legacy constraints. These are, first and foremost, agile solutions that can be scaled as required and that focus on topics such as security management in the cloud (CSPM), workload protection (CWPP) and SecDevOps.

IT security – The road to resilience.

In terms of detection, Bechtle is developing in-house services and is expanding its portfolio in a targeted way with solution providers that know how to meet the needs of SMEs. “Security concepts that allow SMEs to boost their level of network security are needed. This means using mainly products that ‘talk’ to each other, automatically close vulnerabilities in the network, or block attacks originating from the infrastructure and quarantine files containing malicious code and infected clients. Here, open interfaces like REST APIs or entire proprietary security fabrics can be used. The benefit for the IT department is fewer complex manual interventions and more time for business-oriented tasks,” says Golo Königshoff, Head of Network & Security at Bechtle IT Hanover.

Security with the Bechtle Cyber Defence Centre.

As risks have increased and developed over the past few years, it’s become clear that there is no such thing as 100% protection. However, companies can secure their assets to the best of their abilities if they have a holistic overview of their defences. The primary objective is to identify, track and respond to suspicious behaviour in an appropriate manner. With its Cyber Defence Centre, Bechtle gives businesses the opportunity to set up a powerful security operations centre (SOC) without the need for a large number of staff.

We offer our customers two possible approaches. The first, conventional approach includes a classic Security Information and Event Management (SIEM), which collects events from the customer network and compares them with a pre-defined set of rules. In this way, threats can be detected and thwarted by a trained employee. A more modern approach goes quite a lot further in that it not only detects potentially risky activities, but also automatically implements measures to minimise the damage. Such an approach can be implemented using Bechtle’s next-generation Cyber Defence Centre solution that continuously checks network components, servers and end devices for anomalies and then orchestrates an overriding instance resulting in permanent all-round protection of your IT infrastructure.

Enhanced IT security thanks to artificial intelligence.

The aim of Bechtle’s next-generation cyber defence approach is to ensure information remains completely secure across the entire infrastructure. It brings together highly automated technologies and forensic tools for network and operating system monitoring in order to detect threats in real time. Artificial intelligence enables the platform to learn from the behaviours it sees and allows it to effectively tell acceptable behaviour apart from potentially dangerous anomalies.

Another important aspect is the availability of security experts. Even if enterprises want to invest in expanding their workforce, specialists in this field are hard to come by, and public authorities are competing with companies in the fields of economy and science for them. “The number of universities and colleges offering courses for the IT and cyber security experts of the future may have risen, but Germany is still lacking the capacity to handle the demands of today or tomorrow,” says Christian Grusemann, Business Manager Security at Bechtle. “By relieving our customers of operational responsibility of their security infrastructures, our highly-qualified experts are making an important contribution to their sustainable future.”

This is where our comprehensive end-to-end security solution comes in—no matter whether you operate Industry 4.0, a classic IT infrastructure, a cloud solution or networked mobile working.

Christian Grusemann, Business Manager Security 



The Bechtle Cyber Security Incident Response Team.

The last step is the response. Crisis management handles issue resolution, but since there is no such thing as complete protection, hackers can get around your defences. In this case, Bechtle’s Cyber Security Incident Response Team (CSIRT) is able to limit the damage or prevent the attack from spreading. In order to quickly find a suitable approach to resolving issues, Bechtle leverages its many years of experience, broad-ranging knowledge and modern methods such as:

  • Crisis management, planning and coordination of methods
  • Set-up, installation and configuration of an analysis platform if required
  • Collection and backup of all important information on Windows systems (logs, events, images) from, for example, firewalls, NDR and EDR systems
  • Analysis of backed up data, forensic and behaviour analysis of network traffic and activities on end devices
  • Development of a communications and response matrix
  • Use of certified security tools
  • Development of short and long-term security solutions
  • Removal of malware, highlighting of vulnerabilities, and support ranging from resolving damage caused to consultation on the procurement of new hardware and software solutions
  • Documentation of implemented tasks
  • Presentation of results.

IT security – Regulations. Laws. Standards.

“The growth in the number of threats is piling the pressure on SMEs,” says Christian Grusemann. Stable business operations, the protection of expertise and reputations, and not least, use of the latest technologies are all crucial in order to rise above the competition. “While large enterprises have the resources to build security solutions according to best-of-breed approaches and recruit qualified employees, SMEs face the daunting task of investing the right amount in suitable infrastructures and security workers.”

Legal obligations, reporting requirements as well as the resulting need to reconcile technical and organisational security also all play crucial roles. Against this backdrop, IT security is a highly topical issue, for example, for those operating critical infrastructures. If the thresholds to identify critical infrastructures under the German Critical Infrastructures Ordinance (BSI Kritisverordnung) are reached or exceeded, companies are obliged to prove that their IT infrastructures are protected in compliance with the Ordinance.

The German Critical Infrastructures Ordinance implements the German IT Security Act (IT-SiG), which has been in force since 2015. Its aim is to increase the security of information technology systems and contribute to the protection of critical infrastructures in Germany (NIS Regulations at European level). The IT Security Act obliges organisations to comply with a defined minimum of information security with the aim of achieving confidentiality, availability and integrity. The IT Security Act 2.0 published in 2021 introduced further requirements such as introducing attack detection systems in companies working in the energy industry.

Bechtle offers IT security solutions in the following areas:

  • Application and cloud security
  • Data centre security
  • Data protection and information security
  • Cybercrime and defence
  • Infrastructure and perimeter security
  • Workplace security

In addition to the IT-SiG 1.0, 2.0 and GDPR, there are also other regulations such as the Law on Control and Transparency in Business (KonTraG) and standards for information security management systems (ISMS) such as ISO 27001, BSI baseline standards and industry-specific security standards (B3S for KRITIS organisations) to consider.

No escape from GDPR.

The European General Data Protection Regulation came into force in 2018. This governs the handling of personal data by private enterprises and public sector entities at an EU level. It aims to both ensure the protection of data within the European Union as well as free data movement within the European domestic market.

There are some important crossovers with information security, including the technical and organisational measures to secure processes or raising awareness among employees on how to securely handle data. “A security incident is often also a data protection incident and vice versa,” explains Frank Peter, head of the Data Protection and Security Competence Centre, Bechtle Solingen. It is therefore becoming increasingly important for companies to interweave information security and data protection and this can only happen when both are well organised as management systems. This also enables companies to benefit from the synergy of the two.

What happens next?

“We help to identify and close cybersecurity gaps,” says Philipp Schütz, Senior Consultant for Information Security. “To do so, we use our 360° high-level security analysis. By carrying out an assessment of information security management (ISMS), data protection (e.g. GDPR readiness), privileged access management (PAM), security operation centre, crisis management and business continuity (BCM), network security and client security, and pentesting, our customers receive a holistic overview of the situation and specific recommendations for measures for a resilient cyber security organisation. We tend to then advise our customers on the implementation of the resulting projects or take on responsibility as an external information security manager, data protection officer or cyber security manager.”


This post was published on Oct 7, 2021.