When is the right time to develop a security strategy?
A Conversation with Martin Buck, CISO & Head of Consulting Services, BNC AG Key triggers, components, and planning horizons for your security...
3 min read
Géraldine Wymann
:
Oct 2, 2025 2:13:57 PM
“Technology is rarely the problem – implementation is.” In this interview with Achim Büttner, Solutions Engineer for Secure Data Access at BNC, we uncover the typical stumbling blocks in IT projects, especially in the field of security, and how BNC avoids them. The result: projects that not only run smoothly, but deliver real, lasting value.
All relevant stakeholders need to be involved from the very beginning. Misunderstandings later in the process can only be avoided if goals, roles, and expectations are clearly defined from the start. Just as important: realistic requirements, transparent communication, and reliable planning for time and resources.
By being honest in your assessment. It’s better to have open conversations about effort and requirements than to raise expectations with overly optimistic proposals that won’t hold up later. This builds trust from the start and sets the foundation for solid expectation management.
A common pitfall is skipping the proof of concept. Solutions are often purchased before it's clear whether they truly meet the organization’s needs. That’s why transparency from the start is essential – including a thorough needs analysis before the project kicks off.
By truly understanding their pain points, jointly prioritizing requirements, and having open conversations about options, risks, and effort. What matters most is a partnership-based approach – acting as a sparring partner who translates complex topics into pragmatic solutions.
Short communication paths, fast response times, and pragmatic solutions. The goal: smooth operations – even in critical situations.
With maximum transparency. Clients always know exactly where the project stands. At the same time, I work to minimize the impact, set clear priorities, and keep the project firmly on track.
For more in-depth insights into security strategy, check out our whitepaper: "Building Resilience with the Right Strategy: Setting Up IT Security Effectively".
By balancing time, budget, and quality – and by delivering a solution that works, meets customer expectations, and creates genuine value.
I spot potential roadblocks early, offer a fresh external perspective, and work closely with stakeholders to develop sustainable, long-term solutions.
Before making a decision, it’s essential to define your objectives. SASE isn’t a standardized concept – each vendor interprets it differently. Endpoint protection can range from basic antivirus to comprehensive XDR, depending on the provider. My tip: Start by clearly outlining your requirements and use cases. Then evaluate which solution best meets those needs. That’s the only way to create lasting value.
Achim Büttner brings over 20 years of experience in IT security. After leading an IT team at the German Armed Forces for more than six years, he held roles as a Network & Security Engineer at Endress+Hauser and spent nine years managing the firewall and security infrastructure at Bank Safra Sarasin. He later worked as a Security Engineer and Architect at Swiss IT Security. Today, he serves as Solutions Architect and Head of the Competence Center Network Security at BNC, where he focuses on delivering complex security projects successfully and sustainably.
A Conversation with Martin Buck, CISO & Head of Consulting Services, BNC AG Key triggers, components, and planning horizons for your security...
How can I implement IT security measures more efficiently? Why Structure Beats Tool Overload as the Key to Lasting IT Security
SASE DECRYPTED, PART 1 LEARN MORE ABOUT THE ADVANTAGES AND DISADVANTAGES OF SASE (SECURE ACCESS SERVICE EDGE) AND HOW COMPANIES CAN DEAL WITH THE...