The German BSI (Federal Office for Information Security) and TÜV-Verband conducted a survey among German companies to assess the status of cybersecurity in the private sector. Some worrying results from my point of view are: 🌐 Link to the study: BSI – Presse – TÜV-Studie zur Cybersicherheit der deutschen Wirtschaft: Bedrohungslage steigt, Unternehmen wiegen sich…
Frank Karlitschek, the founder and CEO of Nextcloud, gave an inspiring talk at 2025 re:publica conference in Berlin about how to establish a sustainable, enterprise-ready open-source project. 🌐 Link [DE]: re:publica 25: Frank Karlitschek – So baut man ein nachhaltiges Open Source Unternehmen In his talk he highlights the factors making an open-source project successful….
😬 MITRE CVE list might go offline today! This would be catastrophic for global vulnerability management. What I’ve described as a scenario theoretically possible in How Trump 2.0 could affect the IT industry in Europe might become reality more quickly than I’ve thought and not on the NIST-NVD level, but on the MITRE level including…
The shifting political landscape in the United States may significantly impact the global IT industry, especially in Europe. This blog post explores three aspects of how Trump 2.0 could impact the IT sector in Europe, offering insights into the near future and potential developments ahead. Data Transfer to the US The foundation for the legal…
Critical infrastructure faces a growing number of security threats.. Critical infrastructure typically relies on Industrial Automation and Control Systems (IACS) and other non-IT components, often referred to as “Operational Technology.” To effectively assess cybersecurity risks within operational technology (OT) systems, adhering to the internationally recognized IEC 62443 standard is best practice. IEC 62443-3-2, part of…
In December, I completed the EULYNX introduction course at the EULYNX Academy. This course represents the initial level of training. EULYNX Academy Certificate – EULYNX What is EULYNX? EULYNX is an initiative among European railway infrastructure managers. Its main objective is to establish a modular signaling architecture featuring standardized interfaces. More information can be found…
Railway safety is a critical aspect of transportation that ensures the protection of passengers, staff, and infrastructure. Adhering to established safety norms is essential for minimizing risks and enhancing the reliability of railway systems. This blog post will explore key European railway safety standards EN 50126, EN 50128, and EN 50129. Safety measures are essential…
In this post, I delve into the most relevant standards that secure our railway systems. Using Europe and Germany as a case study for the local and national level of standards, the following infographics provides a comprehensive overview of the most relevant standards helping to increase security on the tracks. 📄 Download infographics as pdf:…
Today I attended the CNA e.V. railway technology forum 2024 in Nuremberg for ICS GmbH. The title of the conference was “Unlocking the opportunities of railtech”, which is both necessary and possible with the help of digital systems such as ETCS, ATO and CTMS – if it’s done in the right way. Cybersecurity plays a vital role in…
Since February 2022, cybersecurity threats to railways in the European Union have changed fundamentally: nation-state actors are no longer a theoretical possibility, but a dangerous reality. Russia is trying to sabotage European railways, warns Prague 💡 We therefore need to increase the resilience of the railway system against attacks by very capable attackers with access…