IT security for an intensified threat situation: With around 500 participants over two days, the 12th Internet Security Days (ISDs) at Phantasialand Brühl were a huge success.
On the morning of 29 September, the sun was shining above Phantasialand, and the participants were all aglow: The joy of finally having the largest IT security conference back as a live event could be read from everyone’s faces. IT experts from all over Germany came to Brühl to exchange views on IT security challenges and to cultivate old and new contacts. The eco Association of the Internet Industry organises the conference annually in cooperation with the heise Academy at Phantasialand Brühl.
The topic of IT security is red-hot in autumn 2022, as the Ukraine conflict and economically motivated attacks with extortion Trojans (ransomware) threaten SMEs as well as public authorities to an unprecedented degree.
Prof. Norbert Pohlmann addressed this situation in his welcome address. The eco Board Member for IT Security emphasised that the need for a close personal exchange is greater than ever: “IT systems and infrastructures are not designed, built, configured and updated securely enough to withstand all intelligent attacks,” he acknowledged. Afterwards, Frank Rock, District Administrator of the Rhein-Erft district, gave a welcoming address.
IT security champions avoid damage
Around forty renowned experts then addressed IT security topics in panel discussions. Paul Kaffsack (Myra Security) and Christian Knothe (1&1 Versatel) kicked things off with their keynote. They provided strong arguments and strategies for IT security based on European protection solutions. “Take advantage of the opportunities offered by local service providers and European hidden champions,” said Paul Kaffsack. The aim is to reduce potential attack areas and risks in order to avoid any damage. Thorsten Deutrich (GlobalDots) discussed the automation of cyber defence and presented vulnerability scanning, a real-time check of data points and other new protection tools.
Detecting fake images is becoming increasingly difficult; even many videos, for example, can only be unmasked as fake with the help of forensic methods. Such deep fakes are used by cybercriminals for CEO fraud attacks, which can cause damage in the millions, as reported by Dr. Christian Krätzer from the Faculty of Computer Science at Otto von Guericke University Magdeburg. He spoke about “the role of AI in modern attack vectors as well as methods of IT security.” The material for creating deep fakes of a target person is freely available online, and the creation is comparatively cheap.
At the ISDs, regular breaks gave the participants enough space for networking and refreshment – for example at the espresso and candy bar, which were open to all guests with the support of LastPass.
Do not pay a ransom to cybercriminals
“Information Security in Industry – The Next Must-Have?” This was the question posed by Gökhan Kurtbay (CNX Consulting Partners). The reputation of German SMEs in terms of cybersecurity is poor, he pointed out. With good reason, he says, as many of those responsible display a dangerous degree of ignorance. He expects that there will soon be more legal requirements for IT security in companies.
The cyber attack on the district of Anhalt-Bitterfeld showed how quickly such attacks can affect public authorities. Sabine Griebsch (CDO in the Anhalt-Bitterfeld district) mentioned this in her presentation: “We need to create appropriate standards and the foundations to prevent attacks in order to ensure a sustainable level of protection”. A close exchange regarding procedures is necessary. Victims of cybercriminals should not pay ransom: this was advised by Chris Lichtenthäler and Melanie Vorderobermeier, both from Deloitte, in their presentation entitled “The invisible hand in cyberspace”. In the subsequent “War Stories” panel, participants shared their experiences of dealing with a recent incident.
Andreas Münch from Akamai called for “Security Everywhere” in his presentation: “With the help of artificial intelligence, we recognise patterns and can thus ward off DDoS attacks.” Before the lunch break, eco Managing Director Alexander Rabe congratulated long-standing eco member companies. Certificates for 25 years of membership in the eco Association were presented to Microsoft Deutschland GmbH and CANCOM Managed Services GmbH. HKN GmbH, FreiNet GmbH and mediaBEAM GmbH were honoured for their 15 years of eco membership.
Prepare for IT crises now
Snehal Antani, CEO of the sponsor HORIZON3.ai, opened the second half of the day with a keynote on “SOC (Security Operations Center) Effectiveness”. “Strengthen your security systems by finding and eliminating attack vectors before criminals can exploit them,” he urged. He gave tips on how to log the right data, how to fix vulnerabilities and how to configure tools optimally.
“The interior of the IoT product defines your cybersecurity,” said Mirko Ross of asvin GmbH. In his presentation, he highlighted European regulations to which the industry must adapt. Things will change drastically in terms of IoT security, he predicted: “Only regulation can fix the problem, the industry alone can’t do it.”
Kai Boyd from Fastly presented new rules for web app and API security that can be used to defend against cybersecurity threats more effectively. Martin Meyer from Rubrik Germany GmbH explained how AI helps to identify and contain risks in the fight against ransomware. He also shared valuable tips on the subject of backups, which should be logically isolated from the network and secured by multi-factor authentication.
Networking at the Internet Security Night
“IoT devices are increasingly becoming a potential target for hackers,” said Tatjana Hein from the eco Association in the afternoon panel discussion. She was joined on the panel by Olaf Pursche (AV-Test), Rainer M. Richter (HORIZON3.ai) and Paul Trinks (German Federal Office for Information Security (BSI)). They all shared advice on how to defend against cyber attacks on vulnerabilities that abound on the Internet of Things (IoT) due to different operating systems and standards.
At the end of the first day of the conference, Hauke Gierow from PIABO PR pointed out the communication requirements in the event of a crisis. “Crisis communication skills must be ensured in advance,” he cautioned in his presentation and commented on how companies should prepare communication now in the event of a cybersecurity emergency.
On the evening of the first conference day, an exceptional networking event was on the agenda: the Internet Security Night 2022, sponsored by Rubrik Germany GmbH. In Phantasialand’s “Deep in Africa” themescape, drum groups and an acoustic duo gave the guests a warm welcome. Afterwards, the Black Mamba, one of Phantasialand’s main attractions, opened exclusively for ISD visitors, with the support of the sponsor Fastly. A number of guests did one round after another on the fast roller coaster. During the event, a rich buffet of fine African cuisine was served. Many guests were still in a celebratory mood after the long conference day and enjoyed the DJ and dance floor. The evening ended with networking and sharing experiences at the hotel bar.
Day 2: Increasing trust in digitalisation
No matter how late it got for individuals at the Internet Security Night, everyone was back on-site at 9 a.m. for the opening of the second day of the conference at Phantasialand’s Quantum conference centre. “We don’t have a deficit of measures in terms of IT security in Germany, but a deficit of implementation,” said Dr. Dirk Häger (BSI) in his keynote speech. Häger urged that cybersecurity must be a matter for managers and gave an overview of the current threat situation.
This was followed by presentations and discussions on “In the beginning was security – A pipe dream?” and “Trust on the Internet – Trust me if you can” – the titles of the two parallel lecture tracks.
Markus Schaffrin (eco) and Frank Schmeiler (techconsult) talked about the contribution digital identities make to strengthening trust on the Internet. Both presented the results of the study “Security & digital identities in a digitalised world”, which techconsult and eco had published in the spring of 2022. “Digital identities are drivers of digitalisation,” said Frank Schmeiler. “However, companies and the public sector have many challenges to overcome along the way.”
Afterwards, Dr. Boris Hemkemeier from Commerzbank gave examples of storytelling concerning cyber attacks on bank customers. He gave an overview of how attackers use plausible stories to convince customers to send them money voluntarily. “The better the story, the more willing people are to disclose critical information,” Hemkemeier said.
Human safety factor
“Storytelling is also important for security topics,” Marcus Beyer (Swisscom Trust Services AG) confirmed later. He promoted a greater understanding of the human factor in cybersecurity: “People are and will remain the number one target, so employee’s sensitisation must rock!” he urged.
Later in the morning, resilience for IT infrastructures took centre stage for a follow-on panel. Where are we heading? Moderated by Philipp Ehmann (eco), this was the question addressed by Klaus Landefeld (eco), Thomas Niessen (Trusted Cloud) and Steve Ritter (BSI). They discussed possibilities and opportunities for improving resilience in the digital space.
Two presentations by sponsors rounded off the morning: Michael Veit from Sophos outlined strategies to proactively detect potential threats in order to nip cyber attacks in the bud as directly as possible. Dr. Michael Lemke from Huawei Germany, meanwhile, took a look at the overall picture of cybersecurity with a focus on cloud technologies.
Digital responsibility and the hacker perspective
What points of reference do we have for trust in the digital space? This was the question raised by Vivien Witt (eco), Andreas Weiss (eco), Ralf Benzmüller (G Data) and Jutta Juliane Meier (Identity Valley) in the afternoon. Together they presented the Digital Responsibility Goals – formulations that are intended to serve as guard rails for the responsible use of innovative technologies. “We have formulated measurable goals for trustworthy and responsible interaction in the digital world,” said Jutta Juliane Meier.
The second day of the conference ended with a keynote by hacker Felix FX Lindner, who didn’t mince his words in his assessment of the IT security situation: “We haven’t figured out how to build bug-free software yet,” he said at the conclusion of ISDs 2022. Further exchange is therefore necessary and important, which is why the organisers immediately announced that the ISDs will take place again in 2023. Markus Schaffrin concluded the conference by thanking all participants and the sponsors Myra, Horizon3.ai, Akamai Technologies, Fastly, GlobalDots, Sophos, LastPass, Rubrik, Huawei & P3KI GmbH: “We are looking forward to ISD 2023.”