»Technology is not enough!«

Mr. Schlund, digitalization often seems to progress slowly in Germany. Do you share this impression – what are other countries doing better?

In Germany, digital initiatives are often meticulously planned, which makes sense. However, this can sometimes result in lengthy debates instead of decisive action. In other countries, the approach tends to be more pragmatic: they move quickly and iterate as they go. From our experience with medium-sized companies, real progress happens when you start with a clear structure and continuously refine the process. Digitalization isn’t a one-off project—it’s an ongoing part of modern business management.

Many entrepreneurs underestimate the consequences of an IT security incident. What is really at stake if something goes wrong?

In the worst case, business operations can grind to a halt – systems fail, communication breaks down, and workflows will stand still. The impact isn’t just financial; it can also permanently erode trust. All too often, IT security only becomes a priority after something goes wrong. That’s why we take a preventive approach: with robust systems, regular audits, and clearly defined responsibilities we help to ensure such crises are avoided from the start.

IT security affects almost every company today. But is it equally relevant for everyone, or are there business fields that require particular focus?

IT security is a concern for virtually every company today. Many attacks are automated and exploit vulnerabilities indiscriminately, meaning the company’s size often makes little difference. Of course, some industries handle particularly sensitive data or operate under stricter regulatory requirements. Still, the message is clear: no company can afford to overlook the importance of IT security. Well-structured security strategies are especially valuable for small and medium-sized enterprises, helping protect both operations and reputation.

When integrating new technologies, security must be considered. What are common mistakes – are there any factors, that companies should pay attention to?

A common mistake is implementing new technologies without first assessing their impact on security, processes, and responsibilities. Tools are often adopted quickly, but organizational integration is neglected. Our advice is always to incorporate security and structure from the very beginning. This means, defining clear responsibilities, maintaining proper documentation, and conducting regular system reviews. Technology alone is not enough—the key is meaningful integration into everyday business operations.

Legal and regulatory requirements are evolving. Which IT-related challenges do you anticipate in the near future?

Regulatory requirements such as NIS2, data protection, and increasing documentation obligations will increasingly impact many companies. At the same time, expectations for a stable, secure, and auditable IT infrastructure are growing. The challenge is not only to meet these requirements formally but to embed them sustainably into business processes. Companies that take a strategic and proactive approach to IT will gain long-term security, trust, and operational stability.