Security

ISO 27005 Information Security Risk Manager

ByStefan Karg 16.12.202517.12.2025

This month I’ve earned the Information Security Risk Manager. ISO/IEC 27005 certification of rigcert.education.

Having multiple years of experience in managing security risks in OT environments according to IEC 62443-3-2, the ISO 27005 provides an extended perspective on risk management.

Effective information security risk management is crucial for maintaining secure systems. Failing to properly assess risks can lead to misplaced priorities, leaving critical vulnerabilities unaddressed. ISO 27005 offers a structured framework for systematically managing information security risks, following a globally recognized approach.

Security

USB Killer redefined
ByStefan Karg 30.03.202325.08.2025

A Military-Type Explosive Sent Via USB Drive (gbhackers.com) ⚡ So far, USB-Killer devices were used by attackers (or pentesters) to disable or destroy devices with USB interfaces by discharging a high power electrical shock into the data lines of the USB port. ❗ If you find a USB stick somewhere: Do not plug it into…

Read More USB Killer redefined
AI

Realtime AI applications
ByStefan Karg 30.03.202325.08.2025

Real time AI applications can bring huge benefits but also come with (social) risks we will have to deal with. The example below is a good demonstration of what is possible today. I’m very curious regarding the public discussion on how we will balance benefits vs. risks of such applications without killing technological progress in…

Read More Realtime AI applications
Security

What is an exploit?
ByStefan Karg 03.10.202225.08.2025

👩‍🎓 Learn another security term this Wednesday: What is an exploit?

Read More What is an exploit?
OT

New Publication: Automated Security Risk Management for trains
ByStefan Karg 21.07.202525.08.2025

Patric Birr and I published an article in SIGNAL+DRAHT, the leading international medium for control and safety technology plus communication and information technology in the railway sector. In the article we propose automating Security Risk Assessments by using digital twins. These allow attack trees to be derived automatically enabling a systematic analysis of potential attack…

Read More New Publication: Automated Security Risk Management for trains
Security

Secure easter holidays
ByStefan Karg 16.04.202225.08.2025

Enjoy the Easter weekend!If you haven’t done yet, this weekend could be an opportunity to update your passwords / authentication methods. Remember those 3 basic measures:

Read More Secure easter holidays
Political | Security | Standardization

BSI & TÜV: Worrying Survey on Cybersecurity Among German Companies
ByStefan Karg 12.06.202512.06.2025

The German BSI (Federal Office for Information Security) and TÜV-Verband conducted a survey among German companies to assess the status of cybersecurity in the private sector. Some worrying results from my point of view are: 🌐 Link to the study: BSI – Presse – TÜV-Studie zur Cybersicherheit der deutschen Wirtschaft: Bedrohungslage steigt, Unternehmen wiegen sich…

Read More BSI & TÜV: Worrying Survey on Cybersecurity Among German Companies

Similar Posts