Reference book "Handbuch IT-Sicherheit" - Publication Quarter I 2018 - Franzis Verlag

If IT is the basis of our functioning society, then it is also clear that this elementary basis, and with it the flawless functioning of our social fabric, must be vulnerable, because it is, after all, IT.

But how can a construct of individuals protect itself from such a banal danger as the erroneous use of information processing systems? The answer is obvious:

The individual protects itself and creates a strong collective.

But how can one protect oneself from something one does not know? My book idea is to show the most effective way to protect yourself from hacker attacks: understand them. Information technology systems should be viewed from a critical point of view and the views and approaches of an attacker should be explained in more detail. Facebook is not particularly data protection-friendly; at least that is what is propagated in the relevant news. However, hardly anyone knows why, or how to protect themselves from the dangers of information technology systems. I would like to talk about a principle of the Chinese philosopher Confucius, who once said: "What you are telling me, I forget. What you show me, I remember. What you make me do, I understand."

Thus, the primary goal of this book is to promote competence and sensitize readers to the topic of information security through the active participation of readers, for example by recreating the attack scenarios. Inspired by philosophical constructs of thought, the reader is encouraged to deal with the principles of (information) security. Practical applications are not intended to represent the object of the investigation: the aim is not the mindless approach of "memorizing" the shown commands in order to cause the greatest possible damage, but the understanding of elementary attack techniques and the development of necessary competences for the daily handling of information technology systems.

Who is the book for? The book is aimed at experienced users of computer equipment with special security needs, beginners in the world of InfoSec, up to groups of people with IT training and interest in security-relevant aspects of their field of operation.

Due to this professional orientation and the specificity - in this case computer security - this book is published by Franzis Verlag, as it was able to establish itself as one of the oldest technical publishers in the highly competitive print media market and proves to be ideal for the publication of such a specialized book.

Neither on the German market nor in the English-speaking segment do we know of a publication on the current state of knowledge which offers a combination of practical application, sensitization to basic competences which are of great relevance for the activities of a penetration tester, and a philosophical approach to the given topic. Due to this gap in the market, the ever increasing desire for more security and the fact that "Cybersecurity" [newfangled terminology] is becoming more and more relevant for the daily success of our society due to increasing digitization, I consider the publication of this book to be an urgent necessity.

Thus, the focus is on general social issues such as the NSA eavesdropping scandal, which, due to their increasing complexity, are not only to be viewed from a purely legal point of view (e.g., the federal constitution) but also represent an interdisciplinary social discourse.

One thing must not be left out of consideration: valid law is bound to states; ethics and fundamental values are transnational and also apply to the dysfunctionality of state constructs.

Seven Theses for a Smart and Secure Information Society - April 2016 - Federal Office for Information Security

Fifty representatives from civil society, science, business and administration met in April 2016 to discuss the extent to which the information society can become "smart" and at the same time do justice to a standard in security.
The representatives worked out seven theses, which were approved by consensus. These represent a first step in a long-term social discourse.

Thesis 1: Information security is not only a technical but also a political and social question that requires an interdisciplinary approach.

Thesis 2: There needs to be a public debate on security responsibility in the information society.

Thesis 3: The motivation to take care of information security does not need moral appeals, but positive incentives.

Thesis 4: Information security is an active, intergenerational social project with a lifelong learning approach.

Thesis 5: Mistakes are human; information security requires technical and organizational resilience and error management.

Thesis 6: Information security and usability must go hand in hand.

Thesis 7: Information security should become an important factor, so that everyone can determine for themselves who does what with their data.

During the event, Philipp Kalweit represented the interests of civil society.

Impulses for a smart and secure digital society - June 2017 - Federal Office for Information Security

In recent years, information security has increasingly collided with the political sphere. The Digital Agenda, the IT Security Act and the Parliamentary Investigation Committee on the NSA's Spyware Affair are prime examples of policy interventions in information security. The mistrust of state intervention in information technology systems caused by the introduction of the Federal Trojan, the discussion about a "source telecommunication surveillance" and the new extensive powers of the Federal Office for Information Security (BSI) has had a lasting effect on the necessary development of targeted, civil rights-compatible protection measures for German IT systems and networks. In order to achieve an independent authority here, which can regain the confidence of industry and users, it is necessary to reconstitute the BSI as an independent authority without participation or authority of the Federal Ministry of the Interior (BMI). Otherwise, no one will believe the assertions that the BSI will not become a henchman of the BMI's greed for surveillance in case of doubt.

For the reasons mentioned above, it is therefore to be welcomed that the Federal Office for Information Security is setting the first impulses and calling for a social discourse.

Kalweit ITS Consulting was allowed to be of service to the Denkwerkstatt (Think tank) during the development of the impulse paper.

"The creation of a smart and secure digital space in which information security is guaranteed is a generational project for society as a whole. The framework conditions are strongly influenced not only by technical but also by political, economic and cultural developments. As early as February 2017, representatives from civil society, culture, science, business and administration met as part of the 'Digitale Gesellschaft: smart & sicher' (Digital Society: smart & secure) project to discuss issues related to the secure information society. On 28 and 29 June 2017, they met again in Berlin to develop new impulses and thus contribute to a broad debate and ultimately to a secure information society. The representatives address the public with the following impulses"
