Information security

Targets and management approach

Information security is a priority given an increasingly interconnected global environment and the rapid progress of digitalization. It is essential that companies identify risks in good time, establish countermeasures early on, and react quickly and decisively to incidents. Our ultimate goal is to pro - tect information technology (IT) and operational technology (OT) infrastructure on a sustainable basis.

The Chief Information Security Officer (CISO) is responsible for information security in DB Group. He reports to DB Group’s Chief Information Officer (CIO) and to the Management Board. This ensures that Senior Management are aware of these topics. Key responsibilities are to further develop information security in DB Group and develop a lasting information security culture. This includes establishing sustainable processes, measures and solutions based on internationally recognized, workable standards that apply equally to new and existing IT/OT projects. All suppliers that work with us must also ensure they have clearly defined security standards. This applies to our partnerships with large cloud providers, such as Microsoft Azure and Amazon Web Services, as well as small and medium-sized suppliers, and all suppliers working on the Digital Rail for Germany program.

Due to the topic’s constantly evolving nature and the rapid progress in technological developments, the Information Security division works closely with universities to support research and training for young talent. National and international networking is another of the division’s core tasks, especially in European rail transport. One example is its cooperation with the French state-owned railway SNCF and a university in Berlin.