Cyberattacks are on the rise and hackers are becoming ever more sophisticated. Cyber spies working as contract thieves are purposefully targeting company infrastructures. To this end, the attackers plant malware in the networks of their victims, with which they can seize control of individual systems or entire infrastructures. This allows them to collect and exfiltrate sensitive data. The problem: For the most part, the malware goes unrecognized by standard preventive defense mechanisms, since they are distributed as "sleepers" and activated gradually. Through subsequent lateral movement, an increasing number of systems fall under the control of the attacker.
We offer an extensive security portfolio from a single source – everything from firewalls to SOC services. Telekom Security manages Europe's largest and most advanced cyber defense center in Bonn and operates a global network of further SOCs in Asia, North and South America, Africa, and several other locations in Europe.
A security operations center (SOC) works like a command bridge whose security experts monitor the threat level and can intervene immediately.
Rüdiger Peusquens, Head of Cyber Defense and SVP Security Testing, Deutsche Telekom
Our work benefits from our security network: we cultivate close contacts with other network operators and cyber security companies, as well as with authorities and institutions such as the BSI, and research institutions such as the Hasso Plattner Institute in Potsdam and Ben Gurion University in Israel. We are also one of the founders of the Cyber Security Cluster Bonn.
To build effective cyber defenses, you need to anticipate and systematically mitigate risks from the outset. Security encompasses prevention, detection, and response. The Security Operations Center strikes when hackers get past the firewall, at the very latest.
The job of SOCs is to detect professional cyberattacks at an early stage. Then they initiate targeted countermeasures. They are also constantly monitoring and analyzing activities across the entire IT landscape (networks, servers, mobile and stationary clients, databanks, applications, web servers, and additional systems) and searching for anomalous activities, which could point to a security breach. Operational technologies (OT) in industrial networks can also be managed this way. The SOC is responsible for correctly identifying, analyzing, reporting, and mitigating potential security incidents.
The SIEM is the SOC's alarm system, making it an important technological and methodological component. While SOC comprises people, processes, and technologies, SIEM is an IT-security tool, which uses many event sources to identify attacks. It orchestrates the continuous collection of log data from end points such as PCs or servers, routers, switches, applications, firewalls, and other systems and evaluates these data. SIEM enables a holistic approach to IT-security. It correlates notifications and alarms in real time and identifies unusual patterns or trends, which could point to a cyberattack. SIEM also uses machine learning (ML) and artificial intelligence (AI) processes. These tools are available as services from the cloud.
The security operations center at Telekom Security serves a wide range of clients in various industries. Data from different customers is kept strictly separate for compliance reasons. That way, the security operations center from Telekom Security creates cost synergies and proves to be more effective than elaborate in-house operations. All clients profit equally on a single platform from the continuously growing experience of our security analytics. We offer security along the entire digital chain: ranging from network monitoring to client and server system protection to safeguarding industrial systems.
From the billions of pieces of data, our analysis teams extract the relevant indicators for attacks and process suspicious cases in fractions of a second. In the final step, they analyze actual breaches and initiate countermeasures.
ISG Research has selected T-Systems as the leading provider of security systems for large companies and corporations. T-Systems is the market leader in terms of its portfolio and competitive strength. Services relate to consultation, training, integration, maintenance, support or managed security services, and an IT security infrastructure based on a security operations center.
