This is not only about technology and processes but also about peo ple To strengthen cybersecurity at Schaeffler we need employees that have the requisite know how and are the best in this field which is not easy in the current competitive con ditions On the other hand we also need an awareness and acceptance among all employees of how import ant this issue is to Schaeffler years says Klaus Rosenfeld Schaeffler s CEO not least under the aspect of progressive digitalization as part of our forward thinking program Agenda 4 plus One with which we continue to consistently drive Schaeffler s transformation Large sums transferred from company accounts The latest hacking trend is CEO fraud Hackers spy out internal processes and data pass themselves off as the company s CEO and then get employees to transfer company funds to the hackers accounts The U S Federal Bureau of Investigation FBI report ed some 78 000 cases of CEO fraud in the past five years The Austrian Chinese aerospace industry sup plier FACC became a victim of such a scam in 2016 and transferred 50 million euros to criminals Consequent ly for protection against CEO fraud Schaeffler also relies on modern Information Security Management Systems ISMS that safeguard sensitive company data against third party access and use smart technology to define the contents that may be maintained on com pany smartphones and computers and how to store them there in encrypted form Employees themselves have to be sensitized to the issue of IT security over and over as well Every pri vately owned end device with a camera and microphone taken onto company premises poses a security risk And although the danger of viruses emanating from owner less USB memory sticks found lying around is a topic of any security training some 45 percent of all the sticks put out in a test by the University of Illinois were insert ed into computers by their unsuspecting finders Thus humans continue to be the most vulnerable link in the security chain Even back in the days when seven year old Josef Carl Engressia called the AT T troubleshooting service to ask questions about the 2 600 hertz trick the opera tors readily revealed additional information unwitting ly helping the phreaking scene to refine their phone tricks and to defraud telecommunications companies by whistling their way to free long distance calls worth millions of dollars THE AUTHOR Journalist communications con sultant and ex Telekom spokes man Dr Lorenz Steinke grew up with 8 bit computers The croak ing sounds of datasettes and acoustic couplers were the music of his youth that brings back fond memories unlike the phone bills he ran up in those days Since 2014 Schaeffler has had an in house Chief Compliance Officer CCO responsible for business secu rity and cybercrime among other things who reports directly to the CFO To protect the company s own and its customers data Schaeffler maintains an Information Security Management System ISMS that is oriented to the ISO IEC 27001 standard Internal and external experts periodically sensitize employees to IT security issues in training sessions based on case studies of the latest scams used by cybercriminals such as CEO fraud or smuggling viruses worms and ransomware extortion programs that capture company data and release it only against payment of ransom into IT systems To implement its Digital Agenda Schaeffler systematically scouts for digital talents and digital natives who share their data management and data security knowledge also internally Schaeffler is a member of the German Association for Data Protec tion and Data Security GDD and engages in regular exchanges with govern ment authorities and other companies concerning current cyber security risks and issues IT SECURITY SCHAEFFLER S APPROACH Georg F W Schaeffler Shareholder and Chairman of the Supervisory Board here and now 77

Hinweis: Dies ist eine maschinenlesbare No-Flash Ansicht.
Klicken Sie hier um zur Online-Version zu gelangen.