As Arbonia, we can only maintain information security together with our employees. Our aim is to protect the operating activities and competitiveness of the group against successful attacks. Otherwise, considerable damage can result for us as a company and for our customers through cyber attacks. These range from the loss of employee and customer data to a complete production standstill including high ransom demands.
For this reason, we as Arbonia have accelerated the expansion of the information Security Management System, which contains a holistic security programme. In addition, further guidelines have been issued, for example, on general IT security, password security, or the information security requirements for third parties. The security awareness programme helps employees successfully recognize real threats and potential attacks in both their business and private lives and to react to them correctly, in accordance with the motto "THINK BEFORE YOU Click.Post.Type". Various KPIs give Arbonia an overview of the implemented security measures. Stakeholders are involved in the further development of the IT security architecture through regular user surveys.
The responsibility for the information security of the entire Arbonia Group basically rests with the Chief Information Security Officer and the IT Board, which consists of the Group CIO, the division CIOs and the Group CFO as well as IT representatives of both divisions and the Group. The relevant topics are always coordinated with the division officers and Group Management. For implementing individual measures, the local IT teams and ICT security specialists provide support as interfaces to the sites and companies.
Together for more IT security
The employees of Arbonia are a central link in the security chain in the area of cybersecurity and must assume the corresponding responsibility. The most common attack tool for cyber attacks is e-mail – followed by social engineering (manipulation or influencing of a person) and the Internet. For this reason, it is extremely important to recognise, avoid and report suspicious sources.