Home

Topic filter

Results

  • Welcome to our topic filter! Please select one or more topics to filter the report according to your interests.
  • The topics you selected unfortunately did not produce any results. Please select a different topic combination.
This image shows a person sitting at a computer with multiple screens displaying various data and analytics.

Cybersecurity and data protection: secure systems, protected privacy

On average, third parties try to gain access to our systems up to 40,000 times per minute. Not least in view of AI-generated attacks, the topic of IT security (cybersecurity) is becoming increasingly relevant. The highest standards of IT and data security as well as data protection are part of our brand identity. Our security experts work around the clock to fend off attacks and protect our infrastructure.

Here in the CR report, we focus on the topic of cybersecurity and only occasionally address data protection aspects. We deal with data protection issues in detail in our Sustainability Statement 2024.

Defend against attacks around the clock

Icon shield (icon)

To fend off attacks, we are constantly developing new processes and continuously improving our sensor technology. Our Cyber Defense Center monitors the security of the Group worldwide (excluding T‑Mobile US) with the help of internationally oriented Cyber Security Incident Management and also offers services for business customers. In so-called Cyber Defense and Security Operations Centers (SOC), we keep an eye on the security situation for ourselves and our customers 24 hours a day.

Evaluating attacks with AI

With the help of artificial intelligence (AI), our security specialists analyze around one billion security-relevant data from around 3,000 data sources every day. They detect attacks in real time and immediately take the necessary steps to render them harmless or ward them off. There were 70 million attacks per day on our honeypot systems in 2024 – these are traps deliberately set for attackers. In Europe, we are pioneers in the proactive fight against botnets (interconnected computers infected with malware) in the Deutsche Telekom network. This is how we protect our infrastructure – and thus also the data of our customers. In the year under review, we further expanded our global network of protection centers. In Bonn, we have put a master SOC into operation, in which over 250 cybersecurity experts work. It is one of the largest of its kind in Europe and works together with our centers in 13 other countries.

Incidents closely targeted

All reports of security incidents on our information and network technologies are concentrated internationally in our Cyber Emergency Response Team (CERT). It is responsible for managing incidents and developing mechanisms to detect attacks on internally and externally accessible systems at an early stage.

At the same time, our threat intelligence team analyzes how the perpetrators proceeded and which tools they use. The experts are well networked with researchers from all over the world and exchange the latest scientific findings.

You can find out more about the tasks of CERT on our

Group website

We also offer our services against cyberattacks to other companies: More than 150 German DAX and medium-sized companies use our services for their own protection.

You can find more Information about our projects to strengthen cybersecurity in the

CR Facts

Security and commitment combined: Deutsche Telekom Security GmbH

It is one of the world’s largest providers of digital security and the market leader in Germany, Austria and Switzerland: Deutsche Telekom Security GmbH bundles cybersecurity expertise throughout the Group and has not only successfully secured our own infrastructure for many years – the solutions are also offered to our customers. In order to further improve cooperation in digital hazard prevention, Deutsche Telekom Security GmbH is involved in numerous organizations and associations. It also works with other ICT service providers in Germany and at EU level.

The company’s focus is also on the protection of children on the internet: its portfolio includes educational offerings such as AwareNessi, which are designed to provide children with basic knowledge in the field of online safety. For more information on our approach to protecting children when using digital media, please visit Consumer protection here in the CR report.

Deutsche Telekom Security GmbH offers part-time training to become a cyber security professional and other career opportunities. We provide detailed information on this here in the CR report under Employee development.

Progress in 2024: Impact of our actions

We conduct regular surveys to determine the data protection and security awareness of our employees on a random basis (Group-wide excluding T‑Mobile US). Based on the survey results, we calculate various indicators that we use to check the effectiveness of our IT security and data protection measures. The Security Awareness Index (SAI) is a benchmark for how employees rate IT security at Deutsche Telekom. The higher the value, the better the rating. With the so-called Data Protection Award indicator, we calculate the level of data protection in the units on a scale from 0 to 100 %.

You can find out more about the impact of our data protection measures in our

Sustainability Statement 2024

We last surveyed the SAI in 2023: it achieved 80.6 (previous survey 2021: 80.9) out of a maximum of 100 points. We last calculated the Data Protection Award key figure in 2022: It was 88 % (2020: 86 %).

Icon gear in a recyclingcircle (icon)

In the reporting year, we began to fundamentally revise the calculation of the two key figures. In the area of data protection, we will integrate the evaluation into our mandatory training on data and information protection in the future. For cybersecurity, 2024 marked the start of our new, annual Security Awareness Survey. In the reporting year, we surveyed around 63,000 randomly selected employees. In the future, the SAI will be collected on the basis of these annual survey results.

Looking ahead

Our intentional traps for cybercriminals were targeted by 70 million attacks per day in the reporting year. This shows how important it is to continuously improve our cybersecurity activities. With innovative processes, the increased use of AI and the expansion of our protection centers, we are doing everything we can to keep our infrastructure and our customers’ data secure in the future.

Deep Dive for experts

Management & Frameworks

  • We have established a security organization centrally and in all units of the Group. The “Security” guideline contains Deutsche Telekom’s key security-related principles with regard to data security and cybersecurity and is based on the ISO 27001 standard.
  • Since 2020, CERT has been officially certified according to the SIM3 (Security Incident Management Maturity Model) standard.
  • Our group companies are subject to specific data protection regulations, such as the GDPR in the EU. Our data protection management system describes measures, processes and audits to ensure compliance with these regulations. With our globally active data protection organization, we are constantly working to maintain a transparent and high level of data protection in all Group companies. As far as legally possible, the companies in the Group have also committed themselves to complying with the Binding Corporate Rules Privacy, which is intended to ensure a uniformly high level of data protection in accordance with ISO 27701 for our products and services.
  • We provide comprehensive information about our data protection activities on our website. Since 2014, we have also published an annual transparency report. In our Status report on data privacy, we also report on major data protection-related processes and associated measures.
  • Our customers in the U.S. receive information about the data protection practices of our U.S. subsidiary via the Privacy Center of T‑Mobile US. It provides consumers with information about how the company collects, uses, shares, and protects personal customer information; additional information about the types of data collected and the programs that individuals can enable and disable; what types of data are used internally and under what circumstances data may be sold or disclosed to third parties; and more information about how data is stored and backed up.
  • In addition, T‑Mobile has policies and procedures in place to maintain data security through the submission of Cybersecurity Service Requests (CSR). T‑Mobile US also conducts a comprehensive data inventory of its systems.
  • We want to ensure the lawful processing of personal data while respecting general human rights. In our Human Rights Code, we (Deutsche Telekom without T‑Mobile US) are committed to the fundamental right to data protection and informational self-determination that applies in the EU and would like to promote its worldwide recognition.
  • In our guidelines for the ethical use of AI, we have also set out how we (Deutsche Telekom without T‑Mobile US) deal responsibly with AI in our products and services. T‑Mobile US is steering the issue with its Responsible AI Policy and Guidelines.

Relevant standards

  • Sustainability Accounting Standards Board (SASB)
    • TC-TL-230a.2 (Data integrity)

Other sources of information on privacy and security

This website uses only the technically necessary cookies to provide you with the best possible service. More information can be found here.