3 Questions for NeoMINT: »We Want to Demystify Cybersecurity«

How threatening are cyber attacks for companies – and how well is the German economy positioned to ward them off?

We are in a very threatening situation, and I feel that many companies are in a state of shock and don’t know where to start – in the sense that nothing has happened to them yet, so everything will stay fine. Attackers are therefore still finding the same vulnerabilities as they did ten years ago. At the same time, I see that many companies want to take action but need guidance.

There is often a lack of basic understanding of digital threats, and cybersecurity is not usually part of everyday business life. However, risk management is one of the most important tasks of any management team – I need to know what risks exist and decide how to deal with them, including in the technical area.

Every company should therefore be aware of the potential repercussions an emergency could could have on their business – for example, if all data is suddenly lost due to ransomware. A self-employed craftsman can still write his invoice by hand using , but in he probably receives all his orders by email. You have to ask yourself: What are the most important processes that I need to keep going so that I can earn money? Which risks can I take and which can I not?

To this end, many companies seek in-house consulting services, which then create an Excel spreadsheet with recommended measures. However, someone has to implement these measures, and there is usually a lack of qualified personnel to do so. As a result, companies remain stuck in a kind of analysis loop.

It is important to me to emphasise that designing security does not mean complicating or blocking work processes, but rather making them understandable and reliable.

With your start-up NeoMINT, you want to help organisations get their cybersecurity under control. What is your recipe for tailor-made security solutions?

We offer clearly structured service packages that help companies of all sizes, from small craft businesses to companies with 5,000 employees, to design their own security solutions. It is important to us to remove complexity and show practical ways that work in everyday life. We start by helping with risk assessment: what are my assets and how do I want to protect them? To what extent do I want to automate and how many resources do I have available for this?

Our job is to highlight the steps that are really relevant, rather than producing even more lists. What this means in concrete terms depends heavily on the size and industry: an individual entrepreneur may only need an independent data backup, which in the best case scenario is also protected against wind, water and theft. On the other hand, there are companies that are considered critical infrastructure and must provide evidence of extensive certification, such as energy suppliers or food companies.

We offer coaching sessions that enable companies to implement the measures that are most important to them and anchor them in their everyday work. Our model is not to sell them 500 years of consulting and convince them that they cannot do it without us. We like to say, »We’re here to leave again« – and we work so that teams become capable of acting on their own as quickly as possible. If companies consciously outsource their cybersecurity and want full service, we are happy to provide an external Chief Information Security Officer (CISO), ideally combined with an AI Officer to securely integrate artificial intelligence processes into the company, since AI has long become part of everyday work.

Many of the large consulting firms charge a lot of money just to describe the problems in the first place. Our approach is more pragmatic: we provide companies with concrete steps and tools so that they can design their own security in everyday life. This includes openly sharing our expertise. We are currently developing an internal ‘MINTapp’ that supports our team with recurring tasks – for example, in information security or organisational processes. We want to share the basic idea as open source later on so that other companies can further develop it and use it for their own processes.

You got started with NeoMINT at Potsdam Science Park. How do you intend to develop here in the coming years?

Our headquarters are in Golm, but we are a remote company with currently nine people spread across Germany who work together digitally. We’d love to grow, but right now our main focus is on setting up our organisation properly and to further professionalise remote collaboration.

I am originally from Potsdam, and the GO:IN is a great opportunity for me to network with other companies. It’s cool that Potsdam Science Park offers regular lectures and events where you can get free input on topics that are relevant to founders. I myself have already held a workshop on IT security and risk management for start-ups.

There are many start-ups here that have great ideas, and I would like to help them and other companies in Brandenburg to approach digital innovation in a secure and understandable way. Because if you think about security right from the start, you can save a lot of time and resources later on.

Further information can be found at NeoMINT-Website.

This blog and the projects carried out by Standortmanagement Golm GmbH at Potsdam Science Park are funded by the European Union and the State of Brandenburg.