- Telekom Security launches its integrated Cyber Defense and Security Operation Center
- The Center provides services to more than 30 customers
- The Linde Group signs a service contract to run over several years
The cyber defenses of Deutsche Telekom analyze a billion pieces of security-sensitive data every day from a total of 3,000 sources in an almost completely automatic process. The company processes 1,000 requests every day to protect its own infrastructure and the security of its customers. And all it does to defend its own infrastructure against cyber-attacks, it also offers to help protect other businesses as well. Telekom Security, a Deutsche Telekom business unit, opened its newly integrated Cyber Defense and Security Operation Center (SOC) in Bonn today. The new defense center is one of the largest and most modern now in existence in Europe.
"Information security is based on good cooperative relationships too. Jointly tackling the challenges together with partners in public administration, but also with commercial business partners, is the recipe for our success up to now in seeing off major hacker attacks against the public institutions of the German Bundesländer," said Christoph Dammermann, State Secretary at the Ministry of Economics, Innovation, Digitization and Energy for the State of North Rhine-Westphalia, attending the ceremony. Dammermann went on to say that "the opening of the new Cyber Defense & Security Operation Center is a sign of Deutsche Telekom's determination to continually develop and invest substantially in its capacity to protect itself and its partners successfully into the future."
Around 200 experts are now working in the new master SOC, monitoring around the clock Deutsche Telekom's systems and those of their customers, in Bonn and in all connected sites all over Germany and abroad. Their role is to identify cyber-attacks, analyze the tools used by attackers, fend off the attacks and then use the experience to derive prognoses on likely future patterns of attack. The experts at Deutsche Telekom take advantage of their years of experience in defending against attacks targeted at its own infrastructure. They have collected more than 20 million sample attacks and used them to improve their own internal systems.
More than 30 German DAX corporations and medium-sized companies now rely on the services of Deutsche Telekom to ensure their own protection. The Linde Group is yet another DAX 30 corporation to sign a contract to use the services of Deutsche Telekom's Cyber Defense and Security Operation Center.
"By opening the Security Operation Center, Deutsche Telekom is once more underlining the leading role that we are playing in cyber defense and IT Security. Our customers and an increasing number of other businesses are benefiting from our know-how in Internet security," said Deutsche Telekom's CEO, Tim Höttges. "We are working worldwide with the best partners in the field, bundling their applications and deploying them with maximum effectiveness. The result is that our quiver now contains all the best possible defensive weaponry against every attack."
Deutsche Telekom also looks upon the opening of the new Cyber Defense and Security Operation Center in Bonn as an act to reinforce the city's status as an IT security stronghold. Dirk Backofen, head of Telekom Security, speaking at the opening ceremony in Bonn, went further: "We want to help turn Bonn into Europe's Cyber Security Valley." With the Federal Office for Information Security, the Bundeswehr's cyber defense command, the Fraunhofer Institute, the Ministry of Defense and the City of Bonn itself, Backofen believes that Deutsche Telekom can count on some very strong partners based in the city. "That's something we intend to build on. Only together can we create an "army of the good guys" clearly capable of confronting the hackers effectively," affirmed Backofen.
Facts and figures:
1. SOC employees and locations
- 200 staff working at the integrated Cyber Defense and Security Operation Center, as well as at locations all over the world
- Based in Bonn, Darmstadt, Kiel, Bad Kreuznach, Leipzig, Budapest, Prague, Madrid and Capetown
- Operated by Telekom Security
2. Figures for each working day at Deutsche Telekom (a few examples)
- Analysis of a billion security-sensitive events daily, from 3,000 data sources
- Analysis of 6 billion+ records on Deutsche Telekoms DNS servers for signs of cyber-attack Examination of 10 million e-mails arriving at Deutsche Telekom to combat spam
- Filtering 1,000 viruses and pieces of malware
- 1,000 requests to Deutsche Telekom's cyber defense services
- Creation of 21 security vulnerability advisories
- Average of 6 million attacks on Deutsche Telekom honeypots alone (honeypots are digital snares used to bait hackers)
More generally: more than 20 million malware samples in the Malware Library
- Services all along the security chain
a. Prevention: self-learning systems used to strengthen defenses against new attacks
b. Detection: e.g. threat intelligence, threat hunting, SIEM
c. Reaction: incident response, IT forensics, malware analysis
- 24/7 or 16/5 if requested
- Where required, services provided exclusively from within Germany
About Deutsche Telekom: Company Profile