On the rails again… 🚆😎

ByStefan Karg 15.03.202325.08.2025

Security

Defense in Depth
ByStefan Karg 01.11.202225.08.2025

Food for thought on the public holiday in Germany: What is defense in depth and why should you consider it?

Read More Defense in Depth
Conferences / Events

Next Stop: Fulda
ByStefan Karg 22.11.202225.08.2025

On the way to the Verband Deutscher Eisenbahn-Ingenieure e.V. (VDEI) conference about railway cybersecurity where I’ll be speaking tomorrow… of course by train!

Read More Next Stop: Fulda
Security

Real world phishing attacks
ByStefan Karg 25.01.202325.08.2025

This post is a great example, that a spear phishing attack also works in the offline world. It does not always have to be an e-mail! Thank you to Marc Torke for sharing this. The letter in the picture is claiming to come from an official German court and was sent to a newly founded…

Read More Real world phishing attacks
Security

Next conference: Nürnberg
ByStefan Karg 28.03.202425.08.2025

Today I’ve registered for attending the “CNA Forum Bahn+BahnTechnik 2024” conference with the title “Unlocking the opportunities of railtech” CNA Forum Bahntechnik | CNA – Center for transportation & logistics Neuer Adler e.V. (c-na.de) My personal focus for the conference will be the topics around the digitalisation of the railways and how to develop the…

Read More Next conference: Nürnberg
Conferences / Events

VDEI Security Conference
ByStefan Karg 23.11.202225.08.2025

Getting ready for my talk at Verband Deutscher Eisenbahn-Ingenieure e.V. (VDEI) Fachtagung Cybersecurity 2022. I’ll be speaking about Security for Safety and will be sharing a couple of lessons learned and best practices from real world projects at ICS – Informatik Consulting Systems.

Read More VDEI Security Conference
OT | Security | Standardization

IEC 62443-3-2 Risk Assessment Workflow
ByStefan Karg 01.02.202525.08.2025

Critical infrastructure faces a growing number of security threats.. Critical infrastructure typically relies on Industrial Automation and Control Systems (IACS) and other non-IT components, often referred to as “Operational Technology.” To effectively assess cybersecurity risks within operational technology (OT) systems, adhering to the internationally recognized IEC 62443 standard is best practice. IEC 62443-3-2, part of…

Read More IEC 62443-3-2 Risk Assessment Workflow

Similar Posts