Infineon Cyber Security Program

Cyber and Information Security is of topmost importance to Infineon, our investors, customers, and partners. With ever growing national and international regulation and a diverse set of standards, coherent management of a corporate Cyber Security Program is essential. Infineon has implemented a threat-intelligence-informed, adaptable global Cyber Security Program together with a corresponding Cyber and Information Security Management System (CISMS). The program systematically identifies and manages relevant risk imposed to Infineon from the cyber domain. Additionally, it aims to be certifiable in respect to various national and international standards, while also enabling quick assurance of Infineon Technologies’ Cyber Security posture towards our customers and those standards relevant to their business environment.

Infineon appointed a Chief Information Security Officer (CISO). The CISO is supervised by the CDTO on board level. Additionally identified cyber security risks are managed as part of Infineon’s Enterprise Risk Management and as such supervised by the risk committee and both CEO and CFO.

The CISO directs and supervises the implementation of the cyber security program globally. The department reporting to the CISO, with an assigned organization of managers and experts, is part of the Business Continuity organization. The department is responsible for the implementation and operation of the Cyber & Information Security Management System, its processes and requirements.

Through our rigorous risk assessment, self-assessment, and external benchmarking we constantly review and optimize all relevant areas of the cyber security program. As a result, we continuously improve our security processes and measures and thereby empower our customers and business partners while strengthening trust. Through internal and external audits and certification programs and dedicated supply chain management for both forward and backward supply chain we assure the effectiveness of our Cyber Security Program, Management System and Controls. As such Infineon’s track record and current certifications and accreditations show that Infineon not only implements the lawful minimum requirements but go beyond as an active member of the international cyber security community. Infineon Technologies established a global Cyber Security organization which also hosts the Infineon Cyber Defense Center which implements an active defense approach to counter cyber-attacks.

Infineon Cyber Defense Center (CSIRT) and PSIRT

Cyber Defense Center and PSIRT teams act as single point of contact for immediate response to security threats and issues affecting products, solutions, services, systems or infrastructure for Infineon Technologies AG and all subsidiaries globally.

The Infineon Cyber Defense Center (CDC) is a dedicated team within Infineon’s Cyber Security organization, tasked to secure the Infineon infrastructure. CDC monitors the current cyber threat landscape internally and externally. It advises the corporate IT organization and business functions to improve enterprise IT security and cyber and information security. The Cyber Defense Center is responsible for coordination the response to cyber security incidents or cyber-attacks. As such the team acts as the central contact point for security researchers, industry groups, government organizations, and vendors to report potential cyber incidents or security vulnerabilities affecting services, systems or infrastructure of Infineon Technologies or its subsidiaries.

The Infineon PSIRT is a team of seasoned security experts from the Infineon divisions that manages security issues related to Infineon products. The team acts as the central contact point for security researchers, industry groups, business partners, and other third parties to report potential product related security vulnerabilities. To facilitate the appropriate response to identified security issues, the team will maintain communication between all involved parties, internal and external.

Contacting the Infineon Cyber Security Team

Cyber Security
Customer Requests towards Infineon’s Cyber Security
Program and Maturity

Cyber Defense Center
Main contact for potential security issues in respect to IT Infrastructure and Services

Infineon PSIRT
Main contact for potential security issues in respect to Infineon products

cybersecurity@infineon.com

cert@infineon.com

 psirt@infineon.com
 

D4B3 6070 3A28 5A0B 6B3E CB45 7DAC 2728 A56D D27D

6CA1 0B98 E742 4806 89F2  9302 A0F2 7F56 FFEA 8A05

S/MIME Supported

PGP Key

PGP Key

 

Additional Contact Data
(external Link)

Vulnerability Notification Process

 

 

 

Certifications & Accreditation

Our Cyber Security Program and Management System is certified as part of our Quality Management System Certification.