Secure IT operations and services are one of the primary targets for all IT employees at DB Schenker. In our globalized digital working environment during these special times, IT Security becomes more significant. Besides technology and system protection, TSC Nanjing recently initiated the SECURITY FIRST - IT Security Month campaign, aiming to increase awareness among all employees. “In previous decades hacking was a mastery for rather intellectual technicians trying to expose system weaknesses following certain ethics. Also, several decades ago we had less users having access to the Internet. Nowadays, with more sophisticated security solutions and well protected ICT environments the possibilities for hackers to retrieve confidential documents by hacking into a professional organizations IT system are rather limited. Instead, with today literally everyone being constantly connected to the Internet we have experienced a significant increase in attacks via the human interface that requires less intellectual but more criminal energy to enter into organizations ICT systems e.g. via phishing methods.”, TSC Nanjing General Manager Zeljko Ivkovic said, who is also the initiator of IT Security Month among TSC Nanjing. (TSC Nanjing General Manager Zeljko Ivkovic)
“However, being a company with ~440 employees we consist of people from various backgrounds with different experience levels and knowledge of IT Security, which means vulnerabilities exist constantly (distraction, being in a hurry, unawareness, …) Hackers can be very familiar with the look and feel of Emails and websites of the company they are aiming at and take advantage of people’s unconsciousness and carelessness to retrieve what they want for criminal purposes and illegal benefits, which can, in the worst case, lead to great intellectual & financial loss for the attacked company.”
Therefore, people’s awareness becomes the weakest link but also the most significant part in preventing IT Security risks. Therefore TSC Nanjing initiated the IT Security Month to not only promote related knowledge and skills, but also increase employees’ consciousness in daily work to guard Schenker’s Security.
TSC Nanjing is taking a whole set of actions in strengthening knowledge and raising awareness among colleagues and those are:
- Comprehensive training, including e-learning courses, classroom-style training;
- Newcomers orientation on IT Security policy and practices;
- Posters around office as a reminder;
- Awareness campaign to engage all employees’ participation and interaction;
- Internal communication via emails and Teams;
- Phishing test by sending test phishing emails to employees to check the results.
(Security First - IT Security Month serial posters)
From technology perspective, TSC Nanjing has also started on some ongoing global Strategic Initiatives, such as:
- Having a global IT Security Program in place to ensure privileged accounts are properly managed/secured and our IT solutions are being developed in a secure way,
- Planning to implement OWASP SAMM (Software Assurance Maturity Model) in all TSC Functions
- Continuously optimizing secure and risk-based authentication in collaboration with ITGov, GIS and GDiS
IT Security was, is and will be on the top of TSC Nanjing’s agenda and we hope that all employees can work together to pay attention to IT Security as well as taking care of personal health at the same time.