What is the current cyber security situation, where are the biggest challenges and what solutions are there to prevent losing sight of the overall situation? The Alliance for Cyber Security of the German Federal Office for Information Security (BSI), in cooperation with the Horst Görtz Institute for IT Security (HGI) at the Ruhr-Universität Bochum (RUB), focused on these questions at the event.
HGI speaker Prof. Dr. Tim Güneysu opened the network meeting, which could take place again in presence since 2020. "Bochum is a real hotspot for IT security: not only is it home for excellent research, but also for the startup spirit in its own right," said Güneysu, highlighting the start-up incubator Cube 5, which has been supporting people interested in founding a business and startups at the HGI since 2018.
In his keynote, Arne Schönbohm, President of the BSI shared insights into the current threat situation and explained why ransomware is currently the biggest cyber security threat. He said now is the time to invest in prevention measures and implement measures to secure IT systems at the latest. "Do something now, implement simple measures," Schönbohm said.
This appeal was complemented by the following presentation by Manuel Bach, head of unit at the BSI for small and medium businesses, who offered some tips on how to get started and take the first steps for more cyber security. About 80 percent of the most effective measures against ransomware are free measures, Bach said. For example, disabling macros by default, but also practicing IT incidents regularly. Because: regular backups are important, he said, but practicing how to install those backups is just as important. This also requires a good error culture - if the import doesn't work, you have to ask yourself "Why?" and learn constructively from the mistakes.
Alena Naiakshina, Professor for Developer Centered Security at the Faculty of Computer Science, SecHuman Promovend Jonas Hielscher and other experts from the business community exchanged their views in the next panel discussion on the topic of "Cyber-Security Makeover - feasible, positive, self-evident". They agreed that employees make a decisive contribution to IT security in the company and, as the "human security factor", represent an important line of defense against cyber attacks. Employees need to be supported in this by a user-friendly design of the applications and a living IT security culture in the company. Alena Naiakshina also pointed out: "So far, security has not been treated preventively, although security errors should be found and prevented by software developers at an earlier stage.
As a playful example of a cyber security exercise, an Escape Room presented itself at the 31st CST. While searching for the password of the cyber criminal "Mr. Smile", the participants were able to learn a lot about password security on site. In further workshops, they received practical tips on the security of their own website and an introduction to emergency management.
In addition to the presentations and panels, the Cyber Security Days always provide ample opportunity for networking and exchange. This time, participants were also able to talk to BSI experts in short speed-dating rounds.
The program was rounded off by a presentation on successful founder stories of startups in the region. The HGI is a leader in the field of startups: Since its founding, 17 young startups in the field of cybersecurity have emerged from the institute - the highest number in Germany. The startups of the two founders Matteo Große-Kampmann (Aware7 GmbH) as well as Dr. Heiko Koepke (PHYSEC GmbH) have also grown out of the HGI. They shared their experiences and gave exciting insights into their work in their closing presentation.
For all those who could not be on site, the first part of the event is available as a video recording here.
General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.