Challenge.
Stuttgart Airport is like a city in its own right, both in front of and behind the scenes, with its own energy supply, special security systems and a complex network of IT and OT infrastructure. Subsidiaries such as Flughafen Stuttgart Energie GmbH are subject to particularly strict regulatory requirements. As an operator of critical facilities, the energy subsidiary had to establish what is known as an ‘attack detection system’ by May 2023. The solution had to fulfil the airport's special requirements: a managed Security Operations Centre (SOC) from a single source. It was to recognise and fend off all attacks on the airport's systems and cover everything that goes with security - from data analysis and alerting to organising the defence with appropriate measures.
The project was a challenge - also because the implementation took place under time pressure - and Bechtle's professional and structured approach to the topic was very helpful. The team understood our requirements, such as the heterogeneous system landscape, many special systems and high regulatory requirements - especially in energy control technology - right from the start. Bechtle flexibly translated this into a functioning solution. Our SOC is stable and we work well together.
Florian Frech, Head of IT Strategy & IT Management Department, Flughafen Stuttgart GmbH
Solution.
The solution is not only technically impressive, but also a perfect fit for Stuttgart Airport. The central component is Google SecOps, a cloud-based security information and event management (SIEM) system. It collects security-relevant data, recognises suspicious patterns and automatically sounds the alarm in the event of real threats. Elastic - a powerful analysis engine for large volumes of data - serves as the technological basis on site. The entire system is operated by the Bechtle Cyber Defence Center (CDC) as a managed service, around the clock. This means permanent monitoring of the infrastructure. For the implementation, the project team first built the technical platform.
This was followed by the step-by-step integration of all relevant systems, with an initial 12 TB of planned log data per year. The focus was always on two questions: which data sources need to be connected, and which attack scenarios need to be recognised? Together with Bechtle, clear reporting channels were created, roles defined and processes harmonised - even for incidents outside of business hours. The result is a holistic security structure that intelligently links IT and operations. Particular attention was paid to data quality. Pre-processing takes place in the airport's data centre. Control over the transmitted data is fully maintained at all times, with the full performance of the cloud technology. With Google SecOps and Bechtle's Managed SOC, a security architecture was created that maintains an overview at all times and reacts with lightning speed in the event of real attacks.
Business benefits.
- Monitoring of IT and OT: in one centralised solution for all requirement areas.
- Modern SIEM system: with high scalability and efficient log processing.
- Multi-regulatory requirements: fully met, ensuring compliance.
- 24/7 monitoring: thanks to the Bechtle CDC, no additional shift operation is necessary.
- Filtered false positives: relieves the IT team, as only what counts is visible.
- Clear processes: transparent reporting processes, even at night and at weekends.