Some 67 percent of all companies are affected by security incidents each year, said Andy Schweiger, the managing director cybersecurity services at TÜV SÜD, the international testing, certification and training organization. And the “era of script kiddies is gone,” Schweiger said, referring to the aspiring hacker wannabes who rely on online resources to launch cyberattacks. “[The script kiddies who] were making headlines 10 to 15 years ago are now grown up,” he added. As a result, current cyberattacks tend to be more damaging. State actors have assumed a greater role in launching attacks and developing malware, which occasionally leak as in the case of the EternalBlue exploit, giving underworld hackers the ability to launch exceptionally damaging attacks. And some attackers are leveraging machine learning for subterfuge and identifying vulnerable targets.
To deal with the challenge, TÜV SÜD, like UL in the United States, is increasingly positioning itself as an authority in industrial cybersecurity. There are five reasons TÜV SÜD is up for that task, said Schweiger in a presentation as part of a Siemens Cybersecurity Press Junket in Munich.