Cybersecurity is a team matter — an interview with Dr Tim Sattler, Jungheinrichs Corporate Information Security Officer
In an interview, Dr Tim Sattler, Corporate Information Security Officer at Jungheinrich, explains why security is a team matter, which threats are particularly critical in 2025 and how even small changes in behavior can make a big difference.
Cybersecurity is one of the biggest challenges for industrial companies in 2025. As machines, processes and supply chains become increasingly interconnected, the attack surface for cyber criminals is also growing. Ransomware, supply chain attacks, and social engineering are no longer abstract scenarios. For Jungheinrich, this means that protecting data and systems is not just a matter for IT — it is a joint task for all employees.
In an interview, Dr Tim Sattler, Corporate Information Security Officer at Jungheinrich, talks about current threats, strategies and his personal motivation for cybersecurity.
Dr Sattler, what brought you personally to the world of cybersecurity?
“That was during my time as a doctoral student in physics. A key moment was reading The Cuckoo's Egg by Clifford Stoll. In it, he describes how, as an astrophysicist in the 1980s, he accidentally detects a hacker attack and follows it up with scientific meticulousness. For me, cybersecurity combines curiosity, analytical thinking and creativity with direct benefits for companies and society. After completing my doctorate, I therefore went into security consulting. That was my entry into a field that still fascinates me today. ”
Let's look at the present: In your opinion, what are the biggest cyber threats that industrial companies such as Jungheinrich are currently facing?
“I see two developments as particularly critical: First, the increasing professionalization of ransomware groups. They now work like highly organized companies with a clear division of labor and cause enormous damage to the affected companies. Second, there are attacks on supply chains. These can affect both the supply of components and materials for production and the software used, for example when suppliers of IT solutions are compromised. Especially in an industrial environment, this significantly increases the attack surface. ”
What specific role does cybersecurity play today in everyday working life and in projects at Jungheinrich?
“Cybersecurity should no longer be an appendage that you add at the end of a project. It must be considered from the outset, whether when digitizing business processes or developing new products. Our customers expect us to ensure reliability, responsible use of data, and secure products. Cybersecurity is therefore not only a shield, but also a sign of quality that creates trust. ”
Are there any specific security measures or initiatives that you are particularly proud of at Jungheinrich?
“I am particularly proud of our cyber defense capabilities. Like any large company, we too are attacked on a daily basis. Sometimes attackers manage to get past the first line of defense. Thanks to our sensors and, in particular, our excellently trained specialists, we have always been able to contain such incidents quickly and prevent damage. This combination of modern technology and human know-how is a real success factor. ”
When it comes to IT security, you often think of the IT department first. Why do you think cybersecurity is a task for the entire organization?
“Because attackers make no difference whether they encounter IT, production or administration — they are simply looking for the easiest path. Every click, every file, and every password can be decisive. And as a result of digitization, cybersecurity now affects the entire company: from product development to purchasing. That is why it is so important that all employees assume responsibility. Cybersecurity is much more than just IT security, it is a corporate task and must be part of our culture. ”
How do you and your team actively sensitize all employees — from the plant to the management board — about the issue of cybersecurity?
“We focus on three things: relevance, repetition and comprehensibility. In concrete terms, this means: We show examples from everyday working life, use various channels and do not limit ourselves to annual e-learning. It is also important to tailor the content to suit the target group — a colleague in production needs different information than a software developer or board member. We are also breaking new ground: Jungheinrich is a pioneer in the industry here. One example is our fortune cookie campaign, which playfully conveys security messages, which are packaged in cookies and given away to employees. The campaign was so successful that it has now also been taken over by other well-known companies. ”
If you could give all employees in companies just one, immediately implementable tip for greater digital security — what would that be?
“My tip would be to pause briefly before you click on an unknown link, open a received file, or share information. Attackers work specifically with psychological tricks: They create artificial urgency, seemingly rely on authorities or arouse your curiosity. If you recognize these patterns and don't let yourself be tempted to act hastily, you've already taken one of the biggest steps towards greater security. ”
The Hamburg Cyber Security Days 2025 will take place soon. Why is this event important for Jungheinrich and what are you most looking forward to?
“The Hamburg Cyber Security Days are a great opportunity for us to network with other local companies. Because in the area of cybersecurity, no one can solve the challenges alone. At the same time, the days send an important message to the inside: In the end, it is the employees in the companies who make the difference. That is why I am particularly pleased that the series of events focuses on current, exciting and highly relevant content. ”
