Information security 2021

Protecting value: Cybersecurity at Körber

Cyberattacks not only endanger the company's success — they also hinder innovation and progress. In an interconnected world, reliable data protection and network security are essential to a sustainable corporate culture. Körber is taking on corporate and social responsibility by means of its own Cyber Defense Center (CDC) and a multi-level security concept. 

Digitization makes processes faster and facilitates global business. Unfortunately, this also applies to criminal activities.   That’s because data thieves and extortionists also benefit from digital progress. Emails and messengers, social networks, tools for digital collaboration, mobile access to data and, last but not least, millions of downloads every day — all of this offers hackers a constantly growing target for attack. Given the increasing reliance on digital systems, the World Economic Forum (WEF) now rates data theft and network sabotage as a serious threat to society. According to the WEF Global Risk Report, the spread of extortion ransomware alone increased by more than 430 percent worldwide in 2020. 

Companies from all sectors can be targeted. “Today’s hackers are usually well informed. They know where an attack is worthwhile and systematically look for weak points,” says Andreas Gaetje. As Körber’s Chief Information Security Officer (CISO), he is responsible for group-wide digital security. The office software is under his protection, but that’s not all. As digitization progresses, production IT (operational technology, OT for short) must also be protected against external attacks, Gaetje explains. “We store and transport increasing amounts of data for our customers. They want to be assured that with us they are in safe hands,” he says.

Protecting companies and data from cyberattacks is vital — not only for business reasons. It's also about trust — that of customers, employees, cooperating companies and suppliers, and ultimately society as a whole. The responsible, proactive handling of cyber risks is therefore a key principle of sustainable governance for Körber — along with environmental and social aspects. As a technology leader, Körber has a special responsibility. “Our clearly defined, risk-based Information Security Management System (ISMS) is based on international standards such as ISO 27001. All of the measures are continuously checked and constantly adapted to meet changing threats,” says Gaetje.

Körber continuously invests in security-related technologies, expertise, and training in all areas of the company. For example, at the Cyber Defense Center (CDC) in Porto, which was set up in 2020, a team of data security experts is exclusively responsible for monitoring and threat prevention. These IT professionals monitor the global threat situation in order to identify and close security gaps as quickly as possible.

The coronavirus pandemic and the resulting widespread work from home increased the attack opportunities for hackers — and with them the challenges in the area of information security. Körber reacted in good time and prepared itself for the decentralized world of work. Advanced AI-supported security tools are used to secure local terminals, emails, and data traffic. New software applications are systematically tested for potential vulnerabilities during development, and internal teams of developers are continuously trained to deal with security aspects.

Not only in the IT departments but in all areas of the company, Körber consistently relies on regular training courses to continuously sharpen the attention and security awareness of users within the Group. In the training courses, employees receive for instance fake phishing emails, in order to raise their awareness for the increasingly sophisticated methods used by hackers. Körber is continuously updating and expanding its extensive internal range of information on topics such as the responsible handling of data, password security, fraudulent attempts at manipulation (social engineering), and correct behavior. 

After all, “even the best technology can never offer 100 percent protection,” says Andreas Gaetje, adding, “and if something does happen, it is crucial that we are well-positioned and that we have clearly defined processes in place that enable us to contain the attack immediately and get back to business as quickly as possible.”

In an interconnected world, cybersecurity is not only safeguarding, but also paving the way for our global business.

Andreas Geatje, Chief Information Security Officer, Körber Group

    

At a glance:
Cybersecurity at Körber

  • Thanks to regular training courses and certified training programs, our employees’ security awareness and knowledge of cyber risks have improved significantly over the past two years. 
    • 95% of Körber employees feel sufficiently informed about information security at their employer. 
    • 80% are more careful than they were two years ago when clicking on links or choosing a password. 
    • 90% of Körber employees find it easy to identify fraudulent e-mails and know how to respond.
  • Independent ratings such as the Bitsight Security Rating and internationally recognized cybersecurity certificates verify and document our responsible group-wide handling of cyber risks.
  • We continuously invest in the latest technological security solutions. Our own Cyber Defense Center will go into 24/7 operation in 2022.
  • Our comprehensive approach to information security includes the operational technology of our machines and equipment and our customers' data. Together we are developing secure digital solutions for industrial manufacturing 4.0.

Learn more about our path
to more sustainability:


energy_savings_leaf
We reduce our energy consumption and become CO₂-neutral by 2025.
to enivronment
people
We are a fair and attractive employer.
to social
hub
We have responsibly organized supply chains.
to governance

Körber Sustainability Report 2021

All information at a glance: Download the Körber Group Sustainability Report as a PDF here.

Download PDF file (11 MB)

Back to top
Back to top