Siegfried Wehr

Siegfried Wehr: “Information security goes far beyond IT”

For many companies, customer data is now one of their most valuable resources. This makes it all the more important to protect this asset accordingly. However, this is more than just a technical challenge. Information security encompasses all aspects of protecting information – from physical security measures to cyber security.
Siegfried Wehr, Information Security Officer at coeo, has a central role in ensuring the security of company data. In this interview, he provides insights into his daily work, the challenges facing the industry and the role of artificial intelligence in cyber security.

Editorial Team: As Information Security Officer at coeo Inkasso, you have a central role in ensuring the company’s IT security. Can you give us an insight into your day-to-day work? What are the main tasks and challenges you face in your daily work environment?

Siegfried Wehr: The two biggest challenges are, firstly, that information security is more than just IT security. It starts with who comes into the building and who may be able to read confidential documents that someone has left on their desk. The topic of information security extends further than most people think. In addition, when it comes to cyber security or IT security, there is the major challenge of making the issues and dangers tangible. You probably remember the film industry’s slogan “You wouldn’t download a car”.

Nowadays, you can already print houses and other things with a 3D printer. Digital things are often not given the same value as their physical counterparts. For example, a physical key is often stored more securely than a password.

My main task is to ensure information security with its three major objectives: “confidentiality, integrity and availability”. Ensuring that our customers’ information security requirements are met is also one of my main tasks.

Artificial intelligence is playing an increasingly important role in cyber security. Does AI support cyber security, or does it also harbor new risks? How do you use advanced algorithms at coeo Inkasso to detect and defend against digital threats, and where do you see the biggest challenges?

Siegfried Wehr: AI is and will be one of the biggest security challenges in the near future. Both the attack scenarios using AI or AI support are improving. Take phishing emails, for example, where we are already seeing an increase in quality, making it very difficult to distinguish a phishing email from a real email. Voice generation by AI is also making steady progress. These fakes are becoming increasingly difficult for human eyes and ears to recognize. It is also becoming easier and easier for the so-called “script kiddies” to exploit potential vulnerabilities in systems. There have already been researchers who have had an AI model independently “hack” a website.

On the other hand, AI systems or AI support are also used in “defense”. There are already numerous companies that rely on AI-supported systems to protect against malware. For example, to detect whether software is malware or not based on its behavior. This is also used for the initial analysis of logs. A human would no longer be able to fully analyze the logs that a system generates nowadays; AI systems already provide support here. These are able to analyze the logs in a concentrated manner even after eight hours or in the middle of the night. In the cAI ecosystem, which is being developed by coeo, we are also working on a module for fraud detection. This should support us in detecting possible fraud attempts in the future.

Despite the advances in AI, it is often argued that human expertise remains essential. How do you see collaboration between humans and machines in your field of work? Are there specific tasks where humans are still superior to AI?

Siegfried Wehr: AI will clearly have the edge in many routine tasks. AI systems do not tire and are always 100% focused, but humans are still superior to AI systems. AI systems or ‘generative general algorithms’ are currently very specific. AI systems can currently play to their strengths in these specific areas. However, humans have a clear advantage when it comes to overarching or more complex topics, as well as topics that offer room for interpretation. The same applies to topics that involve an ethical component. These are difficult to integrate using algorithms, as they often contradict the ethical components with static data.

Log analysis systems can currently serve as an example of good cooperation between man and machine. Several million log entries are generated every day, which no human could go through alone. AI already provides support here and sorts out inconspicuous activities so that the analyst only has to look at the activities that appear to be conspicuous. In the end, it is the human who decides whether a system needs to be quarantined or sealed off.

How do you see the future development of cyber security? What role will AI play in the coming years, and what new technologies or approaches could also gain in importance?

Siegfried Wehr: AI will play an increasingly important role in the coming years. Not only will potential attackers continue to use AI systems, but companies will also use AI systems internally. Accordingly, the threat scenarios will continue to expand. In the same way, AI systems will also be further integrated into defense mechanisms. Well-designed systems will make it easier to avert some potential threats, e.g. AI that recognizes whether a caller’s voice belongs to a real person or has been generated by a system. Routine tasks, where errors can quickly creep in, can be taken over by AI, which in turn increases security. Who hasn’t accidentally dialed the wrong number or made a mistake in an Excel row?

Another development to keep an eye on is the “reliance on technology”. With all the progress that AI has made in recent months, this effect should not be neglected. Therefore, human awareness remains an important pillar.

© Coverimage: Siegfried Wehr

Share this article: