16th German IT Security Congress

From May 21 to 23, 2019, DCSO’s Technology Scouting and Evaluation (TSE) team visited the 16th German IT Security Congress, which took place in Bonn-Bad Godesberg. The German Federal Office for Information Security (BSI) hosted the congress, which focused on “IT security as a prerequisite for successful digitization” as its theme this year. Held once every two years, the congress highlights hot IT security topics, new legislative developments, and product approval procedures. A small exhibition of security solutions accompanied the congress.

The growing number of participants is an indication of BSI’s increased importance as a national cybersecurity agency. The German IT Security Congress addresses a German audience of experts from public authorities — in the German language. Surprisingly, there were a few cooperative approaches at international, especially EU, level to counter international threats. In fact, one sees international cooperation only in the close bilateral ties of the BSI with its French counterpart ANSSI.

What were the most important topics at this year’s congress?

The lectures presented in two parallel streams offered a wide variety of topics with different content depths. The congress topics comprised two main areas. The first part related to trends in IT security with main topics including:

  • Cryptography in the post-quantum computer age,
  • Use of artificial intelligence (AI) to defend against IT security threats and as a means for potential attackers,
  • Security of industrial control systems (ICS), and
  • Utilizing Blockchain technologies.

The second part of the congress concerned developments in legislation (e.g., IT Security Act 2.0), regulations, certifications, and approval procedures (e.g., BSI – Accelerated Security Certification).

Which companies attended the parallel fair?

An exhibition of 23 organizations complemented the lecture agenda. The exhibitors, mostly regular guests at the congress, also had a strong focus on regulatory requirements with their products and thus offered VS-NfD approved products, or those currently in the approval process. In this context, the product presentations were more down-to-earth and focused less on marketing than at other events. Companies took the opportunity to present new developments. In addition, the congress is a welcomed event for the limited segment of the German and government-oriented IT security community to maintain and expand its network of business contacts.

Takeaways

  1. The BSI is gaining importance beyond the governmental scope. This is also apparent in the increase in terms of facilities and personnel. Recently, the BSI received additional tasks, such as:
    • BSI for citizens
    • The introduction of offensive measures for the establishment of IT security – also known as “hack back” and similar procedures
    • Responsibility for digital consumer protection
  2. Multinational cooperation at the EU level between national cyber-security authorities has been slow to take off. One step forward is the new EU Cybersecurity Act, which now provides the basis for an EU-wide certification system for online services and network devices.
  3. Experts expect the use of artificial intelligence on the attacker side as well (e.g., new obfuscation methods for malware). We believe that this could trigger a new round in the arms race between malware producers and AV vendors.
  4. BSI and other initiatives like Allianz für Cyber-Sicherheit and Cyber Security Cluster Bonn support small to medium-sized enterprises (SMEs) in their efforts to strengthen IT security. These initiatives offer not only knowledge transfer but also a community to facilitate the exchange of information and experiences.

For more information: Deutscher IT-Sicherheitskongress

Who we are
The “Technology Scouting & Evaluation” (TSE) service identifies and evaluates promising IT security solutions. With this service, DCSO supports companies in staying ahead of a dynamic and ever-changing market. The centralized and unbiased evaluation process is supplemented with the experience of all community members.