Europe’s largest CDC & SOC

Dirk BackofenSVP & Head of Telekom Security

13th March 2019

@Backofen

D

PLATZHALTER: Intro Film SOC

Neu von mBox

SOC

Prevention is no longer enough…

Managed cyber defense

with Innovative SOC Operation

Who can detect whether an attacker has already Infiltrated your Infrastructure in 24/7 ?

Comprehensive Use case Library out of

all Industries

We run Europe‘s largest integrated Cyber Defense and Security Operation center in Bonn

Collaboration of all SOCs (Darmstadt, Kiel, Bad Kreuznach, Leipzig, Prague, Košice,

Budapest, Vienna, Madrid, Johannesburg/Cape Town,

Singapore (coming soon))

3

240 Cyber Security Professionals4

Magenta heartbeat for cyber security

“Made in Germany”

Central incident coordination, Threat-Intelligence,

Forensic

2

5 Use cases out of each industries

Master CDC + SOC1

PLATZHALTER: 40 Sekunden Film SOC

Neu von Nordisch

integrated CDC + SOC: One Platform for all Customers

Threat intelligence / Threat Hunting / Forensic

SOC + SIEM Tools

In total > 70

DAXCorporation 1

DAXCorporation 2

… SMECorporation 1

SMECorporation 2

SMECorporation n

…TelekomDAX

Corporation 3

Linde Group

Knowledge / Threat intelligence / Use Cases

BENEFIT from our Self-Learning / SELF-IMPROVING platform

DAXCorporation 1

DAXCorporation 2

DAXCorporation n

SMECorporation 1

SMECorporation 2

SMECorporation n

Telekom

Knowledge-Transfer: All clients benefit automatically and immediately from new insights into types of

attacks!

Strict data separation Data exchange between clients is impossible!

Security Operation Center

24 / 7 / 365

16 / 5 / 365

Optional: De-only Resources

Otherwise: Mix De /

Nearshore

project price

Security Outsourcing

demand for complete Outsourcing Security Operation

Prevent Detect Respond

Policy Auditing

Vulnerability Scanning

Mobile/Endpoint Protection

Anti-SPAM

Firewall

Security Gateway

CERT

Incident Coordination

Incident Response

IT Forensics

Malware Analysis

Threat Intelligence

SIEM

IDS / IPS

Advanced Threat Protection

Endpoint Detection & Response

Threat Hunting

Service Management

Reporting

Consulting

Honeypot Monitoring

DDOS Protection

APT Protection

Black Hole Monitoring

Mobile Protection

PLATZHALTER: VIDEO

Fraudulent Domain Monitoring

PLATZHALTER: VIDEO

Last Line Of Defense / Database Activity Monitoring

peter.schmidt@company-group.com peter_200fernando.torres@group.com.mx gmn98fverena.heise@group.com Lon2013mdxveronica.dubio@group.com dubio416vincent.sprint@group.com MARSEILLE1vincent.eye@group.de puiseauxVladi´mir@group.ru BestGroupvladimir.life@group.com ludmila1958vlasta.walesa@group.com kuqivuriflex.dominus@group.com.hk wangpingvoskov@group.ua voskov1234francesco.pecunia@group.com (m4rc3ll4)Frederic.Pferd@group.de 000000brit.obst@group.com joeboothPeter.Pan@group.com hakansson80winnie.puh@group.com.hk oop717ooppatric.leclerqh@group.com Leqlerc2002steve.wurst@group.com misawa72jay.kim@group.com c00larch………………………………………

MONITORING OF Leaked CredentialsCompany Usernames and Passwords

Leaked Credentials are a RISK for the Company

New dimension of targets

Photocredit: PublicDomainPictures, 127071, geralt, wasimkhanssrk,

pexels| Pixabay

( )

Corporate Networks Industrial NetworksAutonomous Driving

InfrastructureConnected Car

Comprehensive protection established:

In the future, Every car needs to be protected like a corporate network

Secure E2E connection to datacentre/cloud3

Secure in-vehicle network2

Advanced Security Hub necessary for every car1

Secure identity for each car4

Security analytics on automotive data5

Central Car-SOC for Europe6

Honey-Cars to collect attack data & new threats7

Autonomous Driving: “Everycar connectivity“ needs “everything security“

Car2Car

Car2Backend

Car2Infrastructure

Car2Mobile

In-Car

Car-Diagnostics

Sensor Data

Aggregation of User data

Sensor Data, Routing-Information, Traffic Control

Traffic Optimization, E-Charging

Access Control Data, User Data / Media, Travel Information,

Car Control (Climate, Media, Speed, Route Control

Traffic Flow, Distance Control, Speed, Warnings,

Direction change, Collision Prevention Data

Sensor-Actor-ECU-Communication (In-Car Data), User Data

Photocredit: TayebMEZAHDIA | Pixabay

Connected car Architecture

Autonomous

Driving Backend

Car-Backend

Device

App-Server

App

Private APN

Web-Server

Interfaces

GSM

BluetoothWlan NFCUSB/SD

Key/DataStorage

Key

Interfaces Key-Storage

NFC Bluetooth

Wireless

OBD-Dongle

Interfaces Storage

UserInternet

Automotive-SOC

Security

Data

Drive

Control units/

Interfaces / Buses

Infotainme

nt

Keyless-Go

/ Body

Control

Autonomou

s Driving

Diagnose

Motion

BUS-systems

(CAN, Most, Lin, Flex, Eth.)

Connected Car

Security Monitoring/

Intrusion DetectionFirewall

Communication

Unit

OBD2-Port

Ce

ntr

al G

ate

wa

y

Comfort

e.g. CAN

or

FlexRay

e.g.

automotive

Ethernet

IDS

European Car-SOC is Necessary

CAR-SOC Europe

Special runbooks for every car manufacturer and attack scenario

3

Professional analysis of all indicators of compromise (IOCs)2

24/7/365 monitoring of all security-relevant events1

Exclusive "Car Honeypots" for every vehicle model 4

Global knowledge transfer of threats and countermeasures5

World’s leading threat intelligence for vehicles6

Connection of all CDC & SOC experiences of telecommunications

/ corporate networks and networked vehicles7

How you Could benefit from more than 20 years of expertise in cyber security

1.500 cyber security professionals

Europe’s largest integrated

CDC and SOC

Zero Impact approach

Security and data privacy made in Germany

One of the largest threat intelligence databanks

Same high professional tools like in internal use

Different attack vectors out of all industry sectors

Telekom SECURITY

Security by Design based

T-SystemsLet’s Power higher performance!

Connectivity Cloud & InfrastructureDigital

Ready for 5G, Designed for Security, Digital and Scalable

Security

Self-learning system as the key to success2

Security is for sharing3

Vision: AI Of the defender levers out the

AI of the attacker4

5 We Create …

Cyber Security - Knowledge & Experience

is the Biggest USP1

Key Take-Aways

CDC+SOC

PLATZHALTER: Outro Film SOC

Neu von mBox