Quick Description of our Department:
Our mission is to ensure that the confidentiality, integrity and availability of E.ON’s information assets are adequately protected. In order to ensure it, best security practices are applied to.
E.ONs Cyber Emergency Response Team is on the watch for cyber security incidents since 2015. Besides the EDT Team in Hanover, many more local teams have been founded in the ast two years. This year was focusing on increasing their maturities, so we can improve protection of our businesses against cyber threats.
In March we asked you via Connect, if you‘d be in favor of choosing longer passwords if you wouldn‘t have to change them anymore. Since June, the new policy is in place for the Windows login. In parallel, we improved our monitoring for leaked or hacked passwords, to make sure no one beside you is able to use your passwords!
Whether it be an e-Mail by Leo Birnbaum or a notification about an alleged eFax that you’ve been missing, 2019 we’ve been running several simulated Phishing attacks to raise awareness how easily cyber criminals could try to trick you. And it pays out: we’re seeing big improvements when it comes to the Awareness of our colleagues!
We introduced the virtual smart card for Windows 10 devices to extend the known physical “black” PKI token by a built-in secure chip. This will bring all of us the benefits of no more forgetting the token at home, no damage or loss of small, external tokens and a new technology that can store much more certificates!
In October 2018 we did enforce our new policy framework on Information Security at E.ON. Using our new tool 3GRC, we‘re now creating heatmaps to validate to what extend our businesses are compliant with all regulations featured inside these policies and to see where we can still improve our cyber security.