cybersecurity
Daniel Schatz, CISO | April 21st 2022

Investing in cybersecurity is more important than ever

The last few years have seen major shifts in online threats. All companies – including those in biotech – have to take this seriously and respond accordingly. Daniel Schatz, QIAGEN’s Chief Information Security Officer, explains why it’s crucial to reduce a company’s cyber risk by minimizing its online “attack surface”.

As Russian soldiers began their invasion of Ukraine in the small hours of February 24, unidentified hackers launched a cyberattack on Ukraine. It knocked out satellite internet infrastructure in the country and went on to ripple across central Europe, knocking out, among other things, a German energy company’s remote links to 6,000 wind turbines. Like physical wars, cyberwars cause damage both intentional and collateral. Unlike physical wars, cyberwars lead to crossfire that can hit unintended targets anywhere in the world. 

The Russia-Ukraine war luckily has not yet led to the virtual war many people feared. But the online moves we saw at the end of February – regardless of whether they were backed by Russia or an opportunist attack by someone else – are a timely reminder of a lately disregarded danger. Companies worry about becoming the victim of a directed cyberattack. But they are just as likely – or perhaps statistically more so ¬– of suffering collateral damage through an online attack on another company, even this takes places a long way away. 

Cyberthreats are no longer just the result of hackers directly targeting a company, but also of crossfire from attacks on others. It can affect any company in any sector, anywhere – in critical infrastructure, but also in biotechnology or molecular diagnostics. The harbinger of what happened in February were the “NotPetya” virus attacks in 2017. Companies in the Ukraine were among the first to report being under attack – but infections quickly spread to all sorts of businesses in France, Germany, Italy, Poland, the UK and the United States.

Daniel Schatz has been QIAGEN’s Chief Information Security Officer since 2019, but protecting sensitive data has been the focus of his career for well over a decade. Before joining QIAGEN, he helped the international data provider and news agency Thomson Reuters secure its information from unwanted access – an experience that convinced him that data security was the next frontier. Daniel received his PhD investigating the economics of investing in information security and was building the Information Security program for Perform Group and DAZN before he moved to QIAGEN.

Cyberthreats are no longer just the result of hackers directly targeting a company, but also of crossfire from attacks on others.

Daniel Schatz, Chief Information Security Officer of QIAGEN

A new wave  of cyberthreats

Over the past two years, there has been a double shift in how we perceive cyberthreats and consequently big changes in how companies – and governments – approach cybersecurity. The coronavirus pandemic saw many employees suddenly working from home, posing the challenge of keeping corporate systems remotely accessible in new ways, but just as secure from hackers as before. Now Russia’s invasion of Ukraine has raised the specter of a full-blown cyberwar that could see companies all over the world also become collateral damage. 

Companies today no longer face the question of whether to put money into cybersecurity – they simply have to decide how to. Broadly, they have the choice between outsourcing their cybersecurity or building in-house capabilities. Buying in third-party, off-the-shelf services can be quick and relatively inexpensive, especially in the short term. But with an increasing number of their products and services becoming networked and cloud-based, companies also need the expertise to provide their customers the highest cybersecurity standards.

A strong commitment to cybersecurity is crucial, especially in turbulent times like these. And the best way to approach it is not necessarily as spending on outsourced services, but as investing in the right in-house capabilities. The most efficient approach to cybersecurity is to no longer view it as a mere add-on, but as expertise that is fully integrated into a company’s business. Cybersecurity protects a company’s operations and is becoming part of them. As cyberthreats change and corporate goals shift, cybersecurity can adjust to both of them. 
A strong commitment to cybersecurity is crucial, especially in turbulent times like these. And the best way to approach it is not necessarily as spending on outsourced services, but as investing in the right in-house capabilities.
Daniel Schatz, Chief Information Security Officer of QIAGEN

How can companies reduce risk?

This is all the more important as governments look set to increase the pressure on companies. U.S. President Joe Biden in late March warned that the Russian government was “exploring options for potential cyberattacks” and called on privately owned critical infrastructure owners and operators to “accelerate efforts to lock their digital doors.” Governments will become more prescriptive about what companies should do to make their IT systems safer – something that was until now reserved for defense companies. 

Crucial to reducing a company’s cyber risk is minimizing its online “attack surface.” All systems plugged into the internet are potential targets and keeping track of each external exposures – and their vulnerability to hackers – can be challenging. A misconfigured system can quickly lead to a serious security incident. QIAGEN addressed this problem through pro-active attack-surface monitoring. We improved our resilience and reduced interference from low severity attacks. As a result, the team was able to focus on more important issues.

The cybersphere is a global virtual landscape of computer users as complicated as the real world. It offers huge opportunities, but also space for villains to ply their craft. Any company with weaknesses in fighting directed or collateral cyberattacks will very quickly find its IT having problems. In the early days of cybersecurity, we used to say a company didn’t need to outrun the bear, it just needed to outrun the companies close by. But today, it has to look out for many opportunistic bears and make sure to avoid the crossfire of other villains. 
cyber risk

Our views