How KION Group IT Protects KION Group’s Digital Infrastructure Around the Clock

In our digitalized and interconnected world, IT security is the backbone of any modern company—and KION Group IT is no different. KION Group IT—KION Group’s internal IT service provider—relies on a global security ecosystem, which combines modern technology with the experience and expertise of a global team to develop and implement innovative solutions around the clock. The team behind it all—led by Carsten Engelbrecht, Executive Vice President of KION Group IT—is not only changing the IT landscape of our company, but even completely rethinking it in some areas.

When Carsten Engelbrecht joined KION Group IT five years ago, he inherited a severely fragmented IT landscape. “Back then we were looking after 5000 different applications and programs,” he recalls. Each Operating Unit within the group was using its own software and interfaces, meaning there was a huge number of complex systems that would represent a challenge for any security expert. For the IT team, it was clear that this complexity needed to be organized into an ecosystem that would meet three key requirements:

• Global infrastructure: Company-wide solutions covering all international sites and addressing cross-border challenges holistically.

• Connectivity: Seamless communication and data exchange between IT systems to enable an integrated and universal information architecture.

• Standardization: Uniform processes and security standards implemented consistently across all sites, departments, and regions, thereby ensuring quality as well as comparability.

The overarching goal? A system that would not only patch security gaps but also enable the team to proactively anticipate risks and increase efficiency.

This transformation process began with a clear strategy of standardization and harmonization. Today, just a few years on, the number of applications has already been reduced to 4000, and the overhaul continues.

“From an operational and security perspective, it simply makes no sense for every organizational unit to have its own software stack. We need to standardize, standardize, standardize,” explains Engelbrecht. In practice, this means integrating and updating systems and eliminating security vulnerabilities, and all across every business unit in the KION Group. “We are taking this approach because, above all else, standardization brings significant gains when it comes to security,” he explains.

Every standardized interface and harmonized process helps to reduce potential attack vectors. “Supply chain attacks are on the rise,” warns Engelbrecht, referring to a particularly insidious form of digital threat: instead of targeting a company’s systems directly, supply chain attacks involve cybercriminals targeting weaknesses in supplier systems or software development chains.

These threats are complex and real. Cybercriminals are constantly developing new methods for invading company systems. “They never rest,” explains the IT manager. To combat this, KION Group is using an equally tireless security concept—a system that monitors, analyzes, and reacts around the clock.

This aspect of the global security architecture is known internally as “Follow the Sun”. Carsten Engelbrecht: “Responsibility for security literally follows the sun. In other words, we are taking advantage of the fact that we have colleagues in almost all of the world’s time zones. The team based where the sun is currently setting hands over responsibility to the team in the location where the sun is rising.” The result is a 24/7 shift system with seamlessly integrated teams around the globe.

“Previously, when we had serious issues, we would sometimes have to call and get a colleague out of bed at 3 a.m.,” says Engelbrecht. This was problematic in a number of ways: the colleague concerned would probably be tired, they would need some time to familiarize themselves with the issue, they would only be available for a maximum of a few hours, and they would likely be unable to perform to the best of their cognitive ability in the middle of the night. And that’s before we even take working time regulations into account.

Today, there is a team in every time zone ready to take over responsibility. The handover generally runs smoothly and if there are any issues that need to be clarified or particular challenges to discuss, the teams can jump on a quick call and discuss the details. After that, the first team leaves for the day and the second takes over.

The successes speak for themselves. In many cases KION Group IT has already been able to demonstrate that the system functions quickly and effectively when it matters. Nonetheless, caution should be exercised as cybercriminals are using ever more sophisticated and surprising new methods to access sensitive company data. The fact is that cyberattacks caused 260 billion euros of damage to the Germany economy alone in 2023. Despite this, Carsten Engelbrecht sleeps easy at night. The reason? “I know what our team is capable of,” he says.