IT risk
At Volkswagen, a global company geared towards further growth, the information technology (IT) used in all divisions Group-wide is assuming an increasingly important role. IT risks include unauthorized access to and extraction of sensitive electronic corporate data as well as limited systems availability as a consequence of downtime or disasters.
We address the risk of unauthorized access to or extraction of corporate data with IT security technologies (e.g. firewall and intrusion prevention systems) and a dual authentication procedure. We achieve additional protection by restricting the allocation of access rights to systems and information and by keeping backup copies of critical data resources. We use technical resources that have been tried and tested in the market, adhering to standards applicable throughout the Company. Redundant IT infrastructures protect us against risks that occur in the event of a systems failure or natural or other disaster.
One of our focuses is on continuously enhancing our security measures. The current IT security program, for example, is built on structured rights management, optimization of IT infrastructure, application security and the IT security command center. The role of the latter is to detect cyber-attacks at an early stage and help to successfully defeat them using the latest hardware and software. The command center is staffed around the clock in three regions (Europe, America, Asia). Volkswagen complements these technical measures with consistent awareness raising and training for all employees.
Volkswagen AG, Allianz SE, BASF SE and Bayer AG jointly founded the German cybersecurity organization (Deutsche Cyber-Sicherheitsorganisation GmbH – DCSO) in 2015. The company aims to serve as a competence center, accumulate specialist knowledge on cybersecurity and become the preferred service provider in this field to German business. DCSO conducts security audits and certifies key suppliers and technologies in order to help German businesses detect and defend against cyber-attacks and to predict them in future. It is hoped that close exchange of information with the Federal Ministry of the Interior and the Federal Office for Information Security will aid the compilation of an anonymized status report on national cybersecurity. Small and medium-sized enterprises – including many of our suppliers – can obtain security services offered by DCSO, which they would otherwise be unable to afford. Volkswagen also benefits from this, as it makes our supply chain more secure.
The high standards we set for the quality of our products also apply to the way in which we handle our customers’ data. Our guiding principles are data security and transparency as well as informational self-determination.