Internet Security Days 2023 - Tickets buchen

State of the art starts in the conception as well as in the strategy. Two of the core demands of the Sustainable Digitalisation WG are security-by-design and privacy-by-design. These are key principles that apply not only to the design of technology but, above all to the strategic orientation and structuring of a company. Everything is derived from these principles.

In the context of sustainability, one speaks of the “licence to operate”, which a company must define for itself and for the increasingly important stakeholder group of the public. Similarly, a digitalising company must initially establish its raison d'être and legitimacy within a digitalising market environment. This is not what’s actually happening today, which is why our technical activities endanger the freedom, dignity and self-determination of future generations on a daily basis.

Caroline Krohn is the Founder and Spokesperson of the Sustainable Digitalisation Working Group. This initiative has set itself the goal of focusing on the protection of future generations in times of increasing digitalisation. She is particularly working with the GovTechCampus on a sustainability audit for public sector digitalisation projects.

She is involved in multiple areas, including entrepreneurship in IT security, IT expert recruitment, and sustainable business management. Additionally, she actively engages in digital policy with Bündnis90/The Greens, for which she ran for the Hesse state parliament in 2018 and the Bundestag in 2021. In addition, she plays a significant role in civil policy, including as a Board Member of the LOAD e.V. – Association for Liberal Internet Policy. Caroline Krohn is highly sought-after speaker, publicist, and interview partner, frequently engaging in extensive discussions on current political topics as well as fundamental issues.

The presentation shows general monitoring strategies with examples from practice as well as their advantages and disadvantages – without any product presentations!

• What is monitoring anyway? Who and what should I monitor and why?
• Basics like baselining, logfiles, active vs passive, top down vs bottom up, reactive vs proactive, APM
• Reporting
• Alerting -> Interfaces (Event / Incident) esp. Service Mgmt -> Example ITIL
• Protocols
• General structure -> IT infrastructure / IT architecture
• Phys. vs. virt. Systems
• Core functions such as discovery, visualisation, roout cause analysis, automation
• Selection process -> make or buy, single vs multi vendor, service partner, locations, tender, evaluation -> matrix
• Software Good practice, best of breed, commercial vs. open source software, umbrella systems, data collectors

Robert Macioszek has worked in the field of IT administration and IT infrastructure for over 25 years. His focus is on operations, monitoring, security and processes.

After studying business informatics, he graduated in 2018 with a Master of Science in applied informatics.

Since 2016, Robert Macioszek has worked as an IT architect and CISO at GasLINE.

Information security in small businesses has been a challenge for both businesses and academia for decades. However, the progress achieved so far across the board has been marginal. We have therefore developed a new methodology to address the problem of lack of information security in SMEs. During the presentation, this methodology, which is essentially based on ISO 27001, will be introduced. In addition, experiences from the use of the methodology in practice will be presented.

Stefan Meier studied Business Informatics at the University of Regensburg until 2012. He then worked as a Research Assistant at the Chair of Business Informatics I – Information Systems at the University of Regensburg from 2012 to 2017. His research focus was digital forensics in companies. He also received his doctorate on this topic in 2016.

Dr Stefan Meier joined Meier Computersysteme GmbH full-time in 2017 and has since been working on improving information security for SMEs.

Since 2 July 2023, the German Whistleblower Protection Act obliges companies to set up a whistleblower system and at the same time to protect whistleblowers. Data protection concerns play an important role in the implementation of such systems and definitely cause tensions.

The presentation not only briefly outlines the requirements of the Whistleblower Protection Act, but also addresses the associated data protection law requirements. Possible solutions for practice will also be presented in order to ensure that whistleblower systems are operated in compliance with the law.

Dr. Ralf Heine is a partner at the commercial law firm “Aulinger Rechtsanwälte”, where he is responsible for IT and data protection law. As a specialist lawyer for labour and information technology law, he advises clients primarily on IT and data protection law issues, but also focuses on employee data protection. As a certified data protection auditor and officer, he also provides practical support to companies in fulfilling the obligation to appoint a data protection officer.

• n.n.
• n.n.
• n.n.
• n.n.

• n.n.

Artificial intelligence is seen as an important technology of the future. Generative AI systems like ChatGPT show that the use of AI will greatly change our society, economy and research. Due to the speed of developments, the debate on the regulation of AI systems is dominated by concerns. Questions about cybersecurity are also increasingly arising. Where are we right now in the development of AI systems and what threats to cybersecurity are already emerging or will arise in the future? Can the level of security be increased through the use of AI systems? And is the regulatory framework in Germany and Europe sufficiently prepared for the emergence of AI systems? These and other questions will be discussed with guests from business and public administration.