Everything we do comes down to information. Digital, physical, and verbal. In products, processes, and in people. At GEA, we are deeply committed to protecting all kinds of sensitive information for the benefit of our customers and partners, and for our corporate success.
GEA is a globally active and leading company, known for its outstanding technologies worldwide. For more than 100 years, GEA has continued to develop and set new standards to meet the needs of the market and its customers.
Today, the need for information security is constantly growing – especially as digitalization increases.
Information security will have a significant impact on corporate success over the coming years. Since everything we do is based on information, and systems become more and more interconnected, securing information is an imperative for future success.
At GEA, information security is one of the prime strategic priorities. We shape and design our value creation processes to ensure information is handled securely.
By protecting our own and our partners’ company information, we will all have the prerequisites and the peace of mind to focus on what we do best: engineering for a better world.
GEA strives to be the world’s leading technology group, providing innovative and sustainable solutions for sophisticated process industries. Our long-term strategy is based on our central goal to be the partner of choice for customers worldwide.
Accordingly, we strive to have a profound, secure, effective, and efficient Information Security Management System (ISMS) in place.
At GEA, we work hard every day to achieve this. We operate and continuously improve our global ISMS, which consists of preventive, detective, reactive, and corrective security measures against growing security threats. From top management to every employee, each member of the GEA Group worldwide is committed to protecting both the information of our customers and partners as well as our own in the best possible way within their area of responsibility.
Our approach is to protect all kinds of sensitive information: intellectual property, strategic, pricing, personal information and other know-how processed by GEA, regardless of its format. Because information security applies to physical, electronic, and verbal information alike.
Our goal is to adequately protect all information assets from theft, loss, unauthorized disclosure, unlawful access, misuse, unauthorized modification, and destruction.
We achieve this by covering the core values of information security – confidentiality, integrity, and availability – also known as “CIA.”
GEA operates and runs a global Information Security Management System (ISMS). It supports the Executive Board, managers, and all GEA employees in protecting sensitive information.
The security measures put in place by our ISMS play a preventive role to avoid risks in the first place. But we have also defined detective and corrective measures to respond to successful attacks in a timely manner.
GEA’s ISMS is based on the ISO/IEC 27001 standard, takes on board industry-specific regulations, is continuously further developed by our Chief Information Security Officer, and is reviewed and approved by the Executive Board.
Within the ISMS, we operate and maintain two lines of defense against major security risks.
In the first line, seven focus areas address risks and threats where they occur:
As a second line of defense, the Chief Information Security Officer is responsible for information security governance. He establishes the security levels at GEA by defining the security requirements, risk levels, and standards.
Thanks to GEA’s Information Security Management System we protect information assets through effective, efficient, and modern methods. Our customers and partners benefit from that in many ways:
To prove that information is handled securely at GEA we have independent, renowned institutions audit and confirm the efficiency and effectiveness of the security measures we take to protect our information and that of our customers.
Here you will find an overview of the certifications we have already achieved.
GEA achieved the ISO/IEC 27001:2013 Certification for the GEA Group as an umbrella certificate as well as concrete for the legal entities GEA Group AG and GEA Group Services GmbH, provided by the TÜV Rheinland in January 2022.
The international standard ISO/IEC 27001:2013 confirms the adequate documentation, implementation and effectiveness of our Information Security Management System (ISMS).
GEA also achieved UK Cyber Essentials Certification in 2021. The government-backed Cyber Essentials Certification in the UK helps businesses protect themselves against cyber-attacks. By obtaining this certification, we are proving to customers we can properly protect our own as well as others’ data.
Certificate ISO/IEC 27001:2013
Annex to certificate ISO/IEC 27001:2013
Cyber Essentials Certification
Securing assets and future success - Information Security at GEA
Information Security policy
Information classification and handling policy regarding confidentiality
Handling rules for information
Stay in touch with GEA innovations and stories by signing up for news from GEA.Sign up
We are here to help! With just a few details we will be able to respond to your inquiry.Contact us