Episode 28

full
Published on:

14th Jul 2025

Cyber security and supplier management: How much control is too much?

Expand your cybersecurity expertise with "Cybersecurity shall be C-level priority!"

In this episode, Nico Freitag welcomes Katia Winkler, Senior Information Security Specialist at a major insurance company. Together, they explore some of the most pressing and misunderstood cybersecurity topics in the industry today – from regulatory complexity to realistic supply chain protection.

Key topics include:

  • The reality of supply chain security: Why many startups and niche providers can’t meet the same security standards – and why working with them is still essential.
  • DORA, NIS2, and the Cyber Resilience Act (CRA): What these regulations actually require, how they overlap, and why CRA is still flying under the radar.
  • S-BOMs, Zero Trust and penetration tests: What truly matters, what’s overrated – and how to focus your efforts strategically.
  • Beyond paperwork: Why green dashboards and risk matrices don’t guarantee safety – and how to avoid security theater.
  • Trust as a security enabler: How to build meaningful partnerships with vendors – instead of treating audits as a threat.

This episode delivers a practical, honest view of the current regulatory landscape – and how organizations can shift from box-ticking to real, sustainable cyber resilience.

____________________________________________

👤 More Information

Katia Winkler - LinkedIn-Profile

____________________________________________


🚨 This Podcast is translated from the original content Cybersecurity ist Chefsache using AI technology to make them accessible to a broader audience.  🚨

____________________________________________


🎧 Take a look!

🎙Podcast - Cybersecurity ist Chefsache: @cybersec_ist_chefsache

🎙Podcast - Cybersecurity shall be C-Level priority: @cybersec_clevel_priority

🎙Podcast - Die Zwei Auftrag: Cybersicherheit: @diezweicyber


Join us as we dive deeper into the world of digital security.


____________________________________________


You can find me on these social media channels:

📸 Instagram: cybersec_clevel_priority

🕺 TikTok: cybersec_clevel_priority

🤝 LinkedIn: nicowerner

📌 Getting in touch - Podcast: Cybersecurity shall be C-level priority


____________________________________________


Your journey into the world of cybersecurity starts here – I’m looking forward to connecting with you!

All Episodes Previous Episode

Listen for free

Show artwork for Cybersecurity shall be C-level priority

About the Podcast

Cybersecurity shall be C-level priority
Security begins with a click
The weekly podcast "Cybersecurity shall be C-level priority" serves as a platform where various experts from the world of digitalization and cybersecurity come together to discuss current topics, trends, and practical applications.

Host Nico Freitag invites friends, colleagues, or like-minded individuals from different industries to share their experiences and opinions, engaging in discussions on topics such as digitalization, cybersecurity, OT security, data protection, information security, and hands-on solutions.

This Podcast is translated from the original content Cybersecurity ist Chefsache using AI technology to make them accessible to a broader audience.

About your host

Profile picture for Nico Werner

Nico Werner

Moin! Ich bin Nico Werner, ein erfahrener Experte für Digitalisierung & Cybersecurity.
Seit meiner Kindheit begeistere ich mich für die Welt der Technologie und habe diese Leidenschaft durch meine Ausbildung zum Fachinformatiker vertieft. Besonders interessiert mich die Absicherung von OT-Systemen in industriellen Anlagen.

Seit 2012 habe ich in verschiedenen Firmen als Consultant, Projektleiter, Pre-Sales und im Management im Bereich Cybersecurity gearbeitet und wichtige Erfahrungen gesammelt.

Ich verfolge das Ziel, die Bedeutung der Cybersecurity den entscheidenden Stellen zu vermitteln und sicherzustellen, dass die Umsetzung und stetige Verbesserung dieser vorangetrieben wird. Dabei stehen für mich Menschen, Technologien, Prozesse und Organisationen im Mittelpunkt meiner Arbeit, um einen 360° Ansatz zu gewährleisten. Ich bin zusätzlich in diversen Gremien: UP KRITIS, VDI und IHK aktiv an der Verbesserung unserer Cybersicherheit beteiligt. Getreu meinem Motto "Cybersecurity ist Chefsache" bin ich davon überzeugt, dass die Absicherung von OT-Systemen von entscheidender Bedeutung ist. Ich unterstütze Unternehmen bei den Herausforderungen der Digitalisierung und helfe ihnen, ihre Organisationen, Prozesse und Technologien auf eine sichere Zukunft auszurichten.

---

Hello there! I'm Nico Werner, an experienced expert in Digitalization & Cybersecurity. Since my childhood, I've been passionate about the world of technology, and I have deepened this interest through my education as an IT specialist. I'm particularly fascinated by securing OT systems in industrial plants.

Since 2012, I have worked in various companies as a consultant, project manager, in pre-sales, and in cybersecurity management, gaining valuable experience along the way.

My goal is to convey the significance of cybersecurity to key stakeholders and ensure the continuous implementation and improvement of it. People, technologies, processes, and organizations take center stage in my work, aiming for a 360° approach. Additionally, I actively participate in various committees such as UP KRITIS, VDI, and IHK to contribute to the enhancement of our cybersecurity. True to my motto "Cybersecurity shall be C-Level Priority," I firmly believe in the critical importance of securing OT systems. I assist companies in facing the challenges of digitization, helping them align their organizations, processes, and technologies for a secure future.