According to the Association of German Engineers (VDI), German companies lose at least EUR 100 billion a year through industrial espionage. Spies often use cyber attacks to access sensitive company data. Risk assessment and IT risk management need to be addressed by company CEOs.
"There are cases where investors sue the executive management because the company didn't take sufficient precautionary measures to avoid data loss," cautions Klaus Beucher, cyber security expert at the law firm Freshfields Bruckhaus Deringer. The risk of companies becoming a victim of cyber attacks is on the rise. Such an attack could mean the following for your business: decrease in competitiveness, disruption of business processes, declining revenue and loss of reputation.
IT governance and IT strategy on the basis of extensive risk assessment
Consulting services for data security issues targeted toward the management, e.g., for introducing a Group-wide security strategy.
IT risk management needs to become a top priority for top managers
Top managers need to start focusing on IT risk management. IT risk management involves defining business-critical processes. IT departments then need to assess the technical risk for these processes. A company-specific IT governance policy can be developed on the basis of this assessment process. In view of increasing risks, e.g. from industrial espionage, it is necessary to introduce effective IT risk management measures at companies and in the public sector.
Top managers need to develop a sense of responsibility in developing a holistic IT governance and IT risk management strategy. In order to support this process, T-Systems has compiled its ICT security expertise in a specialized consultant team. The team includes experts for risk analysis, risk assessment and developing IT strategies in consideration of security aspects. The team also deals with issues revolving around mobile security. The team of consultants can draw on their experience in the data privacy and data protection program, which we have been conducting throughout the Deutsche Telekom Group for many years.
Deutsche Telekom draws on their own risk expertise for their consulting services
This allows Telekom to develop new products and systems worldwide, including web portals and online shops, based on an end-to-end data privacy and data protection approach. This significantly lowers the risk of becoming a victim of a cyber attack. Telekom CERT – the Cyber Emergency Response Team – evaluates data from firewalls, servers and intrusion prevention systems to be able to protect the Group from an attack. Our consulting services are based on these results as well.
T-Systems also helps to define a Group-wide IT governance policy. The experience from Telekom Security Management is also used here. Deutsche Telekom has introduced centrally defined security policies at their business units in Germany and abroad.