Clear responsibility at Management Board level and an integral part of the internal control system as well as relevant supervisory bodies.
DT Security @ Management Board level
The Security function of Internal Security & Cyber defense is part of the Management Board area for Technology & Innovation (V TI) headed by Claudia Nemat. As member of the V TI Management Board and leadership team, Thomas Tschersich as Deutsche Telekom’s Chief Security Officer (CSO), is responsible for Security Governance incl. Strategy & Policies as well as for Internal Security & Cyber Defense services provided by Telekom Security. Therefore, continuous Management Board attention, information, consultation and advice on information & cyber security is assured via clear responsibility and accountability on Management Board level and within the V TI board area. This includes important governance-related aspects and functions of a Cyber Security/Information Security committee, e.g. the enactment of Group Security policies, strategies or strategic security measures demanding for respective budgeting or operational impacts.
DT Security @ Internal Control System & Committees
Information & Cyber Security is integral part of Deutsche Telekom’s internal control system and plays a crucial role as one of the key risk mitigation functions. Therefore, risks, threats and latest developments in the area of data security, information security & cyber security from all over the Group are continuously monitored and – along with respective tracking of countermeasures – regularly reported as focus topic within the Group’s Risk Management process. The quarterly risk report is provided to and discussed within Deutsche Telekom’s Board of Management as well as one of the fundamental agenda items of any Audit Committee session. Additionally, Information & Cyber Security issues on specific topics and/or specific cases (e.g. Corona/Covid-19 crisis) are provided and reported ad-hoc and on request.
Furthermore, the monthly Cyber Security Report is provided to board members as well as key partners and stakeholders within Deutsche Telekom’s internal control system such as Group Privacy. It includes latest information and analysis regarding cyber defense operations, attack patterns and threat scenarios as well as countermeasures taken.
In addition, Deutsche Telekom has established the Data Privacy Advisory Board since 2009 as an independent advisory body to Deutsche Telekom AG’s Board of Management. It provides a forum for sharing knowledge constructively with leading data privacy experts from academia, business, government, and independent organizations and advises on key data privacy and data security issues. The remit also covers aspects of digitalization, societal developments and ethical issues. Besides Deutsche Telekom’s CEO, CHRO and chairman of the Supervisory Board, Thomas Tschersich as CSO is also permanent member of this board representing the security issues, especially regarding Information & Cyber security.
This way, data security, information security and cyber security issues are regularly reported to and monitored on Management Board level as well as by the supervisory authorities so that monitoring & supervisory aspects and functions of a Cyber Security/Information Security committee are reassured this way.