“Total Digital Collapse” – Why IT Security Is a Top Priority

Head of Managed Services & Senior IT Consultant at ASTRUM IT

Patrick, what motivated you to write a book on IT security for small and medium-sized businesses right now?

Patrick: In my day-to-day work at ASTRUM IT, I see that many small and medium-sized businesses still believe they are “too small” to be targeted by attackers. The opposite is true: SMEs in particular often lack clear structures and emergency plans. With this book, I want to show that cybersecurity is an existential management issue. It’s about understanding where liability risks lurk and how to build true digital resilience through pragmatic steps. That’s exactly what we implement every day in projects at ASTRUM IT.

You say: “IT security isn’t a project, but a mindset.” What does that mean in the day-to-day operations of a company?

Patrick: Sustainable IT security only works if it’s conceived as an ongoing process: clear responsibilities, recurring audits, and emergency plans that are tested time and again. This means that risk analyses or backup tests are firmly integrated into the annual cycle. At ASTRUM IT, we support this with structured IT security audits and cybersecurity consulting, while always keeping a close eye on the current threat landscape and regulatory developments.

How do you specifically view ASTRUM IT’s role for small and medium-sized businesses?

Patrick: ASTRUM IT supports companies from analysis through to operational implementation: We identify which systems are business-critical and where vulnerabilities lie. This ranges from managed services to disaster recovery plans. We explicitly do not see ourselves as NIS 2 consultants and do not actively offer this type of consulting. Our focus is on operational IT. However, as a responsible partner, it is our duty to protect our clients: If we notice vulnerabilities in day-to-day operations that are relevant to NIS 2, for example, we proactively point out this potential for improvement. If questions arise, we then support our clients on a case-by-case basis and to the best of our ability.

In your experience, in which areas do small and medium-sized businesses most often underestimate the risks?

Patrick: A major issue is preparing for emergencies. Many companies have backups, but rarely test how quickly they can actually get back up and running. Another risk is a lack of security awareness. At ASTRUM IT, we lead by example and rely on intensive awareness initiatives as well as technical safeguards for our own employees to ensure that our team remains part of a robust security chain. We incorporate this internal experience into our general consulting for clients to raise awareness of human risk factors there as well.

What are the three measures that business owners should tackle first today?

Patrick: First, an honest assessment of business-critical systems is needed. Building on that, tested backup strategies and clear responsibilities should be established. As a third step, I recommend an external perspective, such as through an IT security audit. Here, operational requirements—as also stipulated by the NIS 2 Directive—are naturally incorporated into our work, as we always take a holistic view of security.

What is your key message to small and medium-sized businesses?

Patrick: Today, IT security is key to a company’s long-term viability. It must be understood as an integral part of the corporate culture and treated by management as a leadership priority. Investing in IT security today strengthens a company’s ability to innovate and compete.

Thank you very much, Patrick, for the interview!

It’s time to act fast! Make your company resilient against digital threats. For more information about our services, please visit our Webseite.

About the Author

Author: Patrick Fabisz
Title: “Digital Total Collapse – Why IT Security Is Not an IT Project, but a Survival Strategy for Small and Medium-Sized Businesses”
Publication Date: April 1, 2026
Available on Amazon