• Cybersecurity is becoming increasingly important for companies.
  • EOS uses cutting-edge technology to defend its IT network from attacks.
  • The new protection shield “Iron EOS” consolidates all security measures across the entire Group.

 

Sometimes, all it takes is just one click. Via a carelessly opened attachment, a malware program can gain access to a company computer – and shortly afterwards encrypt all the company’s data. More and more, hackers are using these or similar methods to penetrate companies’ IT networks with a view to selling data or demanding ransoms for its decryption.

It is extremely important for the EOS Group as well to repel such attacks. With subsidiaries in 24 countries and thousands of customers, the company has an inventory of sensitive data. “Our greatest asset is data associated with receivables portfolios that we acquire from customers,” says Gunnar Woitack, who is responsible for cybersecurity in the Group in his capacity as Chief Information Security Officer: “These kinds of portfolios not only contain the data of our customers but also of their customers – i.e., defaulting consumers. They all have to be able to trust us to handle these data extremely carefully and do everything to protect them.

Cutting-edge technologies repel attacks

This is why in the areas of data protection and information security, EOS employs about 90 people across Europe who use leading-edge technology to protect its IT systems from attackers.

In respect of data protection, they are implementing increasingly more stringent statutory provisions like the EU General Data Protection Regulation. The results speak for themselves: EOS companies in several countries have already easily passed official audits. There are already eight companies certified to ISO 27001 in the area of information security that is not regulated by applicable international laws. Implementation projects have been started at several other companies. ISO 27001 is the internationally recognized standard for information security. Moreover, all EOS companies also adhere to the guidelines of the parent company, the Otto Group. They are broadly in line with ISO 27001.

To meet the growing challenges, Gunnar’s team constantly reviews technologies and processes and adapts them to current circumstances. “We are in an ongoing race with the attackers,” he says: “Although we have worked our way into a good position.” In fiscal 2022/23 alone, Gunnar and his team were able to identify around 600 possible vulnerabilities in the IT systems of EOS rated ‘critical’ or ‘high risk’ and close the respective loopholes before an attacker could exploit them.

New international protective shield for data

To make these defenses even faster and more efficient, EOS is currently setting up an international protective shield: “Iron EOS”, short for “Improving Incident Response@EOS”. Iron EOS is based on a “security information and event management system” (SIEM). What is special about this is that whereas the various EOS companies currently handle the security of their IT infrastructure locally, the SIEM can detect security incidents in the entire international network of EOS using artificial intelligence. This makes it possible to act much quicker.

“In an emergency, however, it’s not just about reacting to an attack as quickly as possible, you also have to respond to it with the right expertise,” Gunnar adds. The SIEM therefore reports anomalies to a central Security Operations Center (SOC), where IT experts carry out a “triage”: Which alerts are benign? Which do we have to follow up?

Headshot of Gunnar Woitack, Chief Information Security Officer at EOS.

Thanks to Iron EOS we will be in a position in the future not only to respond quickly but for the first time, to react across the entire Group. In doing so we are taking our cyber-resiliency to the next level.

Gunnar Woitack
Chief Information Security Officer at EOS

As well as defending against attacks, SOC staff use a “vulnerability scanner” to constantly scan the IT infrastructure for potential vulnerabilities. They are also supported in their work by an international compliance team. “Thanks to Iron EOS we will be in a position in the future not only to respond quickly but for the first time, to react across the entire Group,” says Gunnar. “In doing so we are taking our cyber-resiliency to the next level.” All EOS companies are set to be protected by Iron EOS as early as the third quarter of 2024.

 

Would you like more information? Feel free to contact us!

Headshot of Gunnar Woitack, Chief Information Security Officer at EOS.

Gunnar Woitack
Chief Information Security Officer (CISO)

Τηλέφωνο: +49 40 2850-1235

[email protected]

Data protection in the debt collection context: Stephan Bovermann, Senior Group Privacy Officer at EOS

Stephan Bovermann
Senior Group privacy officer of the EOS Group

Τηλέφωνο: +49 40 2850-1577

[email protected]

Photo credits: GettyImages, EOS

Εξερευνήστε περισσότερα από την EOS

Τρία ανδρικά μέλη του Διοικητικού Συμβουλίου της ομάδας EOS στέκονται με επαγγελματική ενδυμασία μπροστά από ασανσέρ σε ένα σύγχρονο περιβάλλον.

Όμιλος EOS: Οικονομικό έτος 2024/25 ανά περιοχή

5 λεπτά
Επιτυχημένο οικονομικό έτος και στις τρεις περιοχές: Τα μέλη του Διοικητικού Συμβουλίου της EOS, Carsten Tidow (Ανατολική Ευρώπη), Sebastian Pollmer (Δυτική Ευρώπη) και Dr. Ohlmeyer κάνουν απολογισμό
Μάθετε περισσότερα
Ο CEO σε γκρι σακάκι και η CFO του ΟμίλουEOS σε μπλε σακάκι περπατούν σε ένα μοντέρνο γραφείο. Ο χώρος διαθέτει μεγάλα παράθυρα, καμπύλο τοίχο και κομψές κρεμαστές λάμπες.

EOS: Οικονομικό έτος 2024/25

4 λεπτά
Ως αγοραστής και πάροχος υπηρεσιών στη διαχείριση απαιτήσεων στην Ευρώπη, η EOS συνδυάζει την επιτυχία με την υπευθυνότητα. Ο Marwin Ramcke και η Dr. Eva Griewel προσφέρουν μια εις βάθος ματιά στο οικ
Μάθετε περισσότερα
AI στην διαχείριση οφειλών: Σε αυτή την εικόνα, δύο επαγγελματίες αναλύουν συνεργατικά τον προγραμματισμένο κώδικα για αυτοματοποιημένες διαδικασίες σε μια μεγάλη οθόνη. Η σκηνή απεικονίζει την πρακτική εφαρμογή της Τεχνητής Νοημοσύνης (AI) και της Ρομποτικής Αυτοματοποίησης Διαδικασιών (RPA) στη διαχείριση χρεών – ένα παράδειγμα ψηφιακού μετασχηματισμού στη διαχείριση απαιτήσεων.

AI και το μέλλον της διαχείρισης οφειλών.

4 λεπτά
Πώς η AI μετασχηματίζει τον χρηματοπιστωτικό τομέα; Dobrin Mirevski και Paul Baltag μοιράζονται απόψεις για αλλαγές — από ηθική αυτοματοποίηση μέχρι λήψη αποφάσεων σε πραγματικό χρόνο.
Μάθετε περισσότερα