Enhanced knowledge: Attacks tracked by the security center of T-Systems are compared to the monitoring  of other companies.
CIO-Talk

“Today, though, Eurogate has a “spider” in the cybersecurity web: T-Systems.”

A conversation with Eurogate CIO Wolfram Müller and Patrick Molck-Ude, director of the Telecommunications (tc) division at T-Systems, about ICT security that leaves hackers in the dust, cybersecurity in IoT scenarios and investments in new forms of customer relationship management.
Author: Thomas van Zütphen
Photos: Christian Kerber

What did you do next?

We had to figure out how to integrate this new, objectively useful process into a reporting system that worked 24/7, 365 days a year. The sooner we got it ready, the better.

Why the rush all of a sudden?

We wanted to roll out the solution to all our German terminals relatively quickly because we could be attacked at any time and place. In many cases, cybercriminals are interested in data – either because they want to learn from it, because they sell it or because they use it for blackmailing victims. Eurogate doesn’t have any really valuable data in that sense, though.
Patrick Molck-Ude, T-Systems Geschäftsführer TC Division
“Digitization and automation require organizations to secure and protect their network data communications.”
Patrick Molck-Ude, Director of TC Division, T‑Systems

How does the security center work to help protect you from hacking attacks?

The center is operated by T-Systems and staffed 24 hours a day. Whenever an alert, anomaly or irregularity occurs, T‑Systems first checks for a technical explanation using a security dashboard. If it can’t find one, it sends a notification to our IT team via a special process chain so they can hunt down an operational cause. Next, Application Support looks for process changes that could have triggered abnormal behavior, evaluates the results and takes action. One day, we may have a provider handle certain types of critical issues directly. But this current division of labor is already a huge improvement in our workload.

Because you couldn’t see the big picture otherwise?

That’s right. An in-house team would only see the threats currently facing us. Today, though, Eurogate has a “spider” in the cybersecurity web: T-Systems. It monitors a large number of customers and so can collect much more information and come to entirely different conclusions. It’s like forensic analysis: Where did an incident come from? What was the possible driver? I can’t afford to go into that depth of analysis as a single company.

So what do you focus on?

My main job as the CIO is to ensure that IT support is constantly available as a tool or workbench. We need high IT availability in order to maintain our performance in vessel loading and unloading.

How would you quantify your current IT performance?

We have 99.8 percent availability with over 200 systems and all the IT infrastructure for three ports. In other words, our total downtime for all German sites in 2015 was six hours, and none of our outages lasted more than 30 minutes.

Can you even improve on 99.8 percent?

Theoretically, yes. But I’ve never had the ambition to reduce our error rate to zero. Instead, I wanted to lay the technical and organizational foundation for (a) quickly and reliably identifying the root causes of errors in a highly complex IT infrastructure and (b) streamlining our error resolution process as much as possible.

What do you think will be the ‘next big thing’ in ocean freight transportation?

We’re looking into automating our container handling, as I mentioned earlier. We are currently planning a pilot project to test whether and how we want to tackle this issue.

Further articles