OREANDA-NEWS.   Deutsche Telekom is setting up an intelligent cyber defense center, so that it can track down increasingly professional attackers and attacks on its IT systems and the network. The ultimate aim is to identify cyber attacks significantly earlier than was previously possible. For corporate customers, T Systems will develop new security services from the defense center. These will complement the existing portfolio under the title "Advanced Cyber Defense".

The basic services for the new center will be provided by the existing Telekom Cyber Emergency Response Team (CERT) that monitors and analyzes cyber incidents around the world and develops countermeasures. The new core of these services is an intelligent analysis tool. It allows Deutsche Telekom to specifically recognize behavioral patterns that indicate a cyber attack on the basis of defined search parameters. Carrying out real-time checks in this way allows countermeasures to be initiated quickly in the event of an attack.

The new analysis method reduces the relevant quantities of data that previously needed to be examined in order to recognize cyber attacks. The tool is based on the idea of a modular security approach. It complements preventive measures where compartmentalization alone is no longer possible or economically viable.

Deutsche Telekom wishes to begin operation of its Cyber Defense Center at the end of this year. At the start of the coming year, the service scope for corporate customers will be expanded to include services relating to the new analysis methods and products tailored to specific customer requirements. Existing core services as part of the "Advanced Cyber Defense" system can already be used. These range from the analysis of companies' individual cyber risks and forensic analyses to support when developing cyber security strategies and architectures and even the provision of specific cyber security services. The services on offer thus cover a spectrum from risk awareness to incident management and allow proactive cyber security management.


Overview of existing Advanced Cyber Defense by Telekom modules

Clarification of individual security incidents, digital forensics, analysis of malicious software and reconstruction of attackers' actions by expert teams (IT forensics)
Remote or on-site assistance in the event of security incidents within the agreed response time
Analysis of open sources and information exchange with ICT product manufacturers, security organizations and external CERTs
Hosting and operation of all systems on which the Cyber Defense Center bases its work

Planned services on the basis of the new Cyber Defense Center

Up-to-date information about attackers and types of attack with recommendations for averting danger
Round-the-clock observation, investigation and assessment of anomalies in networks, systems and applications in order to identify advanced attacks
Continuous (further) development of search patterns in order to identify targeted cyber attacks.