Why the Schwarz Group sells software against hackers

During the visit, Schumann wants to show how the Schwarz Group protects its trading business from espionage, sabotage and other digital attacks – and at the same time he is advertising the group’s latest product. Because in addition to fruit, pasta and sweets, the company has had a system for identifying security gaps on offer since last summer.

Last year, the Schwarz Group took over the IT security specialist XM Cyber. The retail group actually wanted to use the software to check its own IT for potential attack paths. Incidents at retail groups such as Tegut and Ceconomy were an urgent warning.

When the management heard that financial investors wanted to buy the start-up, they spontaneously expressed their interest – and were awarded the contract, according to the “Lebensmittelzeitung” for 700 million dollars.

The calculation: The cost center should become a sales driver. The Schwarz Group has experience with this. In 2021, for example, the group bought the waste disposal company Prezero in order to expand the circular economy into a business.

The Stackit cloud platform, which has been developed internally since 2018 and on which the online shops Lidl and Kaufland run, for example, has also been available to external customers since the beginning of the year.

Schwarz Group: Program is intended to show weaknesses in IT networks

XM Cyber ​​is based in Israel, which has a vibrant IT security scene. The country is on permanent alert, so the military and secret services are well equipped, including against cyber attacks.

Since it was founded in 2016, the company has developed a program that identifies weak points in IT networks. It simulates the attack paths that hackers could use to reach critical systems such as accounting or HR software.

>> Read here: German companies get help for cyber security in Israel

A misconfigured server is just as dangerous as an operating system without the latest security updates. “It’s about seeing your own IT through the eyes of an attacker,” says Schumann. This applies to classic software as well as to the cloud.

IT teams are increasingly overwhelmed by the high number of identified vulnerabilities. Schwarz digital board member Rolf Schumann

The result of the analysis is displayed to the IT security department in a list that lists the greatest risks and suggestions for improvement. “The IT teams are increasingly overwhelmed by the high number of identified weak points,” knows the manager, who previously made a career at SAP. The evaluation should help to set priorities with a clear conscience. “You can find the needle without digging up the haystack.”

The system also calculates a key figure for the entire IT. On this day in December, the companies of the Schwarz Group are doing very well with a value of 93, as Schumann notes with satisfaction. According to reports, CEO Gerd Chrzanowski is keeping a close eye on developments.

High investments by German companies in IT security

The potential for cyber business is great. According to the consulting firm PwC, 66 percent of decision-makers in German companies see cybercrime as the greatest threat. This is reflected in the investments: According to a forecast by the industry association Bitkom, German companies will spend around 8.5 billion euros on IT security in 2023, ten percent more than in the previous year.

>> Read here: Large corporations see cyber attacks as the greatest threat to their business

For CEO Schumann, there is also the opportunity to market the Schwarz Group’s digital business even more intensively. In view of the great competition from Amazon Web Services (AWS), Microsoft and Google, the cloud platform Stackit has so far only been a niche offering.

But the competition is just as great. “Everyone is fighting for the budget,” says Schumann. Numerous IT security specialists with intelligent technology and a lot of venture capital are pushing onto the market, and corporations – especially Microsoft – are marketing product packages that also include solutions for IT security.

Schumann, however, is convinced that XM Cyber ​​stands out from the competition. Many products are about protecting end devices such as PCs and smartphones – which often fails. Therefore, one must prepare oneself for the fact that spies, saboteurs and extortionists are already in the network.

“If a customer does a test drive with XM Cyber, he also buys the solution,” says Schumann. Customers include the Port of Hamburg, Swisscom and the stock exchange operator Nasdaq. However, the manager must first reach the decision-makers in the company. The company is therefore setting up its own sales department for large customers and also works with IT service providers such as IBM.

Cybersecurity: Shocking results in the test run

The German mechanical engineering group Dürr has been using the XM Cyber ​​system for several years. Ralf Dieter, head of the MDax group until the end of 2021, initiated the introduction after a test. “My security people were impressed with the results,” he says. Although the company has already invested a lot in protective measures, the risks were still considerable.

Dieter convinced his board colleagues to introduce the system, despite the high price. “If the IT is paralyzed, not a single screw will go out at Dürr,” says the manager. Then it gets expensive, especially in mechanical engineering. There are plenty of warning examples, whether at the automation specialist Pilz, the automotive supplier Eberspächer or the weapons manufacturer Thales.

“The trick will be to explain why the system is so expensive,” says the former Dürr boss, who is now an investor. Especially since companies need various other systems for IT security, whether for protecting end devices or defending against overload attacks. Tours through the “War Room” of the Lidl Group can perhaps do some convincing.

More: Why Lidl parent company Schwarz is launching a cloud platform