Corporate information security is not a state that is achieved once and then lasts forever. Because of ever-advancing digitization, corporate growth and many other factors, there are always new tasks to master. Specialist blogs and newspapers report that information security and cyber security will be the dominant topics in 2023 and probably also in 2024. Many companies have already addressed these issues this year because of the increasing number of hacker attacks. Everybody else should start doing so in 2023.
But what should companies include on their to-do list for 2023? In this article, we present the most important trends for 2023 and look forward to supporting you on your way to increased information security.
Trend 1: The Supply Chain Protection Act
Alarming statistics: Fewer than 20% of companies comply with due diligence requirements. 79 million children are affected by child labor and 25 million people by forced labor.* Not to mention their wages…
With the introduction of the Supply Chain Protection Act and core regulations, the German legislature will for the first time make companies responsible for conditions in their supply chains. The overarching goal is to protect human rights in global supply chains and to provide evidence of the measures taken.
The law was approved by the Bundesrat (upper house of the German parliament) on June 25, 2021, and will be mandatory for companies with 3,000 or more employees from 2023. From 2024, it will be mandatory for all companies with 1,000 or more employees.
The Protection Act sets out clear and implementable requirements for corporate due diligence. Whether a company fulfills these sufficiently is audited by the Federal Office of Economics and Export Control.
We are happy to support you during implementation and during the audit. Our solution will be available for you in mid-January 2023.
Trend 2: Cross-industry proof of information security
Increasingly, companies are proactively choosing to demonstrate their information security efforts objectively through certification. Among other things, this has a positive impact on business relationships, because it signals to potential customers and partners that the company can demonstrate a certain level of information security.
Certification in accordance with the ISO 27001 standard, for example, is suitable. It applies across all industries and is accredited globally. With our ISO 27001-as-a-Service solution, we put you on the fast track to certification. Modern, self-learning software as well as a trained information security officer from our company lead you purposefully to certification and even support you in the audit.
Trend 3: Combating the shortage of skilled workers
A recent study by a cybersecurity company revealed that a lack of skilled workers in 85% of companies puts cybersecurity at risk. To increase security, the right experts have to be identified and hired for 2023. But this is becoming increasingly difficult for employers.
Do you know how to write a suitable job description for the positions of Chief Information Security Officer (CISO), Information Security Officer (ISB), Data Protection Officer (DPO) or IT Security Officer (CIO)? We have prepared drafts for you to use free of charge.
Trend 4: Protection of your information (also in case of damage)
Protecting and securing your vulnerable information should be a top priority. You should create backups regularly and also test them to ensure that they work. This will allow you to restore your information even in the event of damage. Ideally, no damage ever occurs, but it is still worthwhile to protect yourself. In addition to larger companies, more and more small and medium-sized businesses are becoming targets of cyber attacks. It is therefore advisable for all companies to take precautionary measures.
We support you with cyber security as well as backup creation, or offer you customized cyber insurance for your company. Feel free to take a look at our partner solutions:
Trend 5: Raise employee awareness
In the day-to-day handling of information, employee training is a fundamental security measure. You should not regard your employees as a security gap, but as a defensive shield against threats. However, this requires creating awareness of the issue and of possible threats.
With our IX employee training, we raise your employees' awareness in a practice-oriented manner and create a lasting change in behavior that will contribute to the protection of your information.