Digitalisation, data protection and cybercrime
Status: 02.09.24
Admittedly - at first glance, DSW21 doesn't seem particularly "digital". We are simply travelling Dortmund's streets with buses and trams. From the outside, almost exactly as they have been for over 140 years. Even if the vehicles have become more modern.
How digital can bus travel be?
At second glance, however, things look different. Our timetables are now available via app or download. If you want, you can do without the classic paper ticket and carry your ticket on your mobile phone. If you do buy a ticket directly on the bus, you no longer have to rummage around for change, but can conveniently pay cashless on many buses. For example, on all our e-buses. And there is information on digital displays at bus stops and in the vehicles.
What our passengers usually don't notice is the extensive information technology that monitors our vehicles and the rail network, controls points and signalling systems and thus manages public transport in the background. Apart from that, of course, we also have the normal IT systems for day-to-day (office) work. We exchange vast amounts of data every day - between our various locations, vehicles and stops. Everything is interconnected, everything is online and networked. Digitalisation helps us to improve our services and make mobility by bus and light rail more convenient than it was 140 years ago.
But all this digitalisation raises one question. What is the best way to ensure that such a complex system is secure and that nobody from outside the company can gain access to it? Today, it is no longer a question of hacking from the basement at home. "Cybercrime, i.e. computer and internet crime, has become a professional business. It is no longer about individual perpetrators acting alone. Today, it's whole teams working together to carry out attacks on a large scale.
Of course, this is a big issue for us at DSW21. Whether it's preventing customer data from being stolen, malware paralysing public transport in Dortmund or our systems being taken "hostage" to extort ransom, we take the dangers seriously. Thanks to our colleagues who, together with our IT service providers, take care of data protection and information security, we are well positioned to defend against such threats.
But in times when cybercrime has an increasingly political background and the methods are becoming ever more sophisticated, this is no longer enough for us. We want to be even more secure in the future. In line with the motto "Better is always possible", there will soon be a completely new specialised department within the company. Our internal "Security Operations Centre".
Our future colleagues will take on the challenge of scrutinising our IT infrastructure even more closely. Like a needle in a haystack, they will be tasked with finding security gaps and anomalies in our systems. But also, of course, ways to eliminate them.
If an intrusion into one of our systems does occur at some point, it is their job to detect it as quickly as possible and initiate countermeasures. Practical action plans are drawn up for all possible types of security incidents in order to be able to react directly and quickly in an emergency.
For a company with such a broad-based IT landscape, we think this is a pretty big job.
If you would like to take on the challenge of setting up and significantly shaping our SOC, you can find the relevant job advertisement here:
