A conversation with Eurogate CIO Wolfram Müller and Patrick Molck-Ude, director of the Telecommunications (tc) division at T-Systems, about ICT security that leaves hackers in the dust, cybersecurity in IoT scenarios and investments in new forms of customer relationship management.
After graduating from college with degrees in IT and engineering, Wolfram Müller worked at a transregional utility company before switching to Siemens AG. He then served in multiple leadership roles at debis- Systemhaus – and at T-Systems starting in 2001 – until becoming the CIO of the Eurogate Group in 2006.
Effectively protect ICT systems with an end-to-end concept.
Author: Thomas van Zütphen Photos: Christian Kerber
Mr. Müller, how important is security for Eurogate and its IT right now?
Every one of our employees has a fine awareness of security. They realize that an IT or security incident could have a devastating impact on the economy if it crippled Germany’s three most important ocean ports, Hamburg, Bremerhaven and Wilhelmshaven.
“Eurogate has a spider in the cybersecurity web: T-Systems. They can relay us their insights from monitoring a large number of companies.”
Wolfram Müller, CIO Eurogate
How do you expect an IT or security service provider to help you prevent that from happening?
My ideal provider is a partner, not just a supplier. This can be a really constructive relationship – take, for example, our open-ended discussion about minimum requirements for IT providers. For my part, I care less about my partner’s current service portfolio, and more about the support I get in tackling the challenges I face as Eurogate’s CIO. That brings us to industrial IT security – an issue that I think will become increasingly important for the advanced automation of logistics processes. I’ve been researching the market for some time, but see no indications that anyone understands this issue or is developing solutions to address it.
How exactly did everything get started – what kicked it all off?
What kicked it off was a simple question: Where can we make mutually beneficial changes in how we work together? We started out two years ago by exploring where Eurogate wanted to go strategically. It didn’t take long to come to a conclusion: Given the direction in which competition and market conditions were drifting, we had no choice but to start looking at terminal automation. That immediately took us to security. After all, we’re not going to automate operational processes in an outdoor environment if there’s no way to control them over a network.
That’s one way to get into the security fast lane instead of always being one step behind the latest generation of exploits. But why is Eurogate different from other organizations in this respect?
I’d surmise that 95 percent of all security discussions between organizations and IT providers revolve around e-mail and internet use. Don’t get me wrong: It is a problem, and it could adversely affect Eurogate – but it wouldn’t really hurt us. We need to cast our net farther in our operational processes. You see, our machines, equipment and devices that communicate over MPLS, WLAN and LAN have to be protected from unauthorized access in an open space, not an enclosed building. You can physically secure a factory, but not an outdoor facility like ours. Our only chance is to proactively scan equipment for abnormal behavior and then try to find a logical explanation for any anomalies. This is the security challenge for Industry 4.0. So we sat down and developed something entirely new together.
Eurogate is Europe’s leading shipping line-independent container terminal operator and logistics group with twelve locations in Europe and North Africa. The company handled 8.2 million standard containers (TEUs) at its three German terminal locations alone. This year, Eurogate’s Hamburg site was named the Best Container Terminal in Europe for the third year in a row.
That certainly makes sense. So what’s so unusual about it?
It costs resources, i.e. money. What’s unusual is that both partners agreed to pursue this idea without knowing where it would take us, and that each partner is paying for its share of the project. That way, not only do we stay equal partners, but we’re both highly motivated to earn back the money that we have invested. That doesn’t always happen.
So what security solution did this approach produce?
First, it allowed us to reimagine our partnership as a vehicle for tackling a new service: the development of a security center. However, we would not have reached that point if you had not reorganized Sales & Services or provided greater freedom through the contributions of your employees Bernd Wagner and Thies Rixen. This has shown me that T-Systems knows how to listen to its customers and pursue new avenues with them, even if it requires new investment. Next, we developed this idea into a proof of concept (PoC) model that we modified for industrial use, executed at the Eurogate terminal in Hamburg and trialed until this August. It’s an all-in-one platform that, in near real time, detects abnormal behavior of systems and infrastructure and directly repels malware. A security information and event management (SIEM) system provides systematic threat detection, vulnerability management and various behavior analyses.
What exactly did you find out?
We found out that the T-Systems PoC, developed with support from AlienVault, identified more incidents than my entire suite of security tools. That proved, first, that we really needed to do more and, second, that the new platform identified more attacks sooner than our existing toolset. And, believe me, Eurogate is already extremely well-equipped when it comes to security. None of our auditors or assessors had recommended that we take any additional action.
Who do you call to see how your latest product innovation stacks up? Regardless of your industry, if it’s hardware or software, you can call the programmers, engineers, mathematicians, cryptologists and physicists at T-Systems’ testing center.