Information security

Management approach and targets

Information security is a priority given an increasingly interconnected global environment and the rapid progress of digitalization. It is essential that companies identify risks in good time, establish countermeasures early on, and react quickly and decisively to incidents. Our ultimate goal is to protect information technology (IT) and operational technology (OT) infrastructure on a sustainable basis. The Chief Information Security Officer (CISO) is responsible for information security in DB Group. The CISO reports to DB Group’s Chief Information Officer (CIO) and to the Management Board.

This ensures that Top-Management are aware of these topics. Key responsibilities are to further develop information security in DB Group and develop a permanent information security culture. This includes establishing future-oriented processes, measures and solutions based on internationally recognized, workable standards that apply equally to new and existing IT/OT projects. All suppliers who work with us must also guarantee firmly defined safety requirements. This applies to our partnerships with large cloud providers, such as Microsoft Azure and Amazon Web Services, as well as small and medium-sized suppliers, and all suppliers working on the Digital Rail for Germany program. Due to the topic’s constantly evolving nature and the rapid progress in technological developments, the Information Security division works closely with universities to support research and training for young talent. National and international networking is another of the division’s core tasks, especially in European rail transport. One example is its cooperation with the French state-owned railway SNCF and a university in Berlin.