Interview Thomas Liechti, CEO of Mount10
Interview with Thomas Liechti
Thomas Liechti
Thomas, you are the initiator of the Swiss Cyber Defence DNA. What was your motivation for launching the initiative?
The probability of data loss is probably as high today as it was 20 years ago. Even then, it was possible to lose one's own data, whether because it had been deleted by mistake, the hard disk had a technical defect or a backup copy was no longer readable. Since people could still rely on analog processes, paper and folders back then, the losses were usually still bearable. With today's networking, however, this is no longer the case. A virus attack therefore becomes a super-spreader event, which can possibly even end fatally for the affected company. So far, so good, this is very well known to us in IT.
After many conversations with SME customers, as well as with IT partners, it became clear to me that especially the smaller customers feel completely overwhelmed with the topic of cybersecurity in general and with ransomware in particular. They are told from many sides what they have to do, but it is all too complicated, disconnected and expensive. To help these SMBs out of their dilemma a bit, I decided to go in search of comrades-in-arms who can work with us to put together a simple guide and become implementation partners. This is how we want to support our customers together.
The initiative has met with a great response. Can you say something about the sponsors and the implementation partners?
In order to achieve the goal of the initiative, it was clear that we needed implementation partners who enjoy the trust of the end customers. We need a sponsorship that on the one hand radiates trust and on the other hand can influence something. In addition, the sponsor should also have a certain charisma and credibility that will have an impact on SMEs. To underpin this, we decided to only approach sponsor members who accept that the initiative must be non-profit and must not entail any manufacturer obligations. To my surprise, I found an open ear with almost all the sponsoring members. In other words, the members very quickly provided the right specialists and also exec.-sponsors to create the content as well as drive the initiative forward with personalities. This is underpinned in that many executives themselves or at least GL members have agreed to be present on the kmuschutz.ch site with their own contact details, which is not very often the case. This confirms us in this intention and makes us proud.
What is special about the developed guide? What benefits can you hope readers will derive from the guide?
We succeeded in finding the right words so that SMEs understand what is at stake and the guide actually found its place on an A4 paper. Why on an A4 paper our insight has shown that SMEs don't like to use online tools because they don't know what happens to the data afterward. That's why we deliberately chose a physical A4 flyer, which SMEs can get from their implementation partners or simply print out. By implementing these measures, the SME is better protected against cybercrime and can sleep more soundly.
Do you have an example of the concrete benefits that the developed guidelines have already generated in practice?
As if SMEs didn't already have enough to contend with in the Corona pandemic, they are not spared from criminal activity from the network now either: from one moment to the next, e-mail no longer works or files can no longer be opened. Instead, a skull on a red screen demands a Bitcoin payment while a countdown starts at the same time. A horror scenario for any SME, and yes, been there several times. Any company that responds to such extortion is funding the hackers' machinations. Paying a ransom is comparable to extinguishing a fire with gasoline. However, those who do not respond to the demands have to expect data loss. This threat can and could clearly be eliminated with our guide.
How do you see the future and further development of the initiative?
We have taken a very pragmatic approach in the development and implementation of the initiative. The next steps will be determined by the customers and the implementation partners. Approaches that we are currently examining are the verticalization of the measures, such as special recommendations certain industries with the associated partners. Another topic revolves around the classification of implementation partners, not only regionalization, but their know-how, so to speak a seal of quality. The current partners enjoy a good reputation in the market, at least in their region. For partners operating throughout Switzerland, a seal of quality could make perfect sense. To this end, we are working together with the federal government in a working group that is pursuing precisely this goal.