INCYDE

Today I received my accreditation as security auditor for the next 5 years from the German Federal Railway Authority. I am looking forward to many interesting projects!

Day 4 on #Innotrans and still good discussions ongoing! Mirko Blazic and Anastasiia Hrytsyshyna came here to talk about cybersecurity requirements and current implementations based on EULYNX. It’s really great to see the ongoing EULYNX adoption and the enourmous interest also outside of Europe! And we are proud to support EULYNX with our cybersecurity knowledge. #Eulynx #Cybersecurity #Incyde #ot #railsways

Day 1 at Innotrans 2024! We are prepared and looking forward to meeting you. Meet us and our valuable partners at Citycube, Hall A Booth 240. #innotrans #incyde #eulynx #cybersparring Anastasiia Hrytsyshyna Sarah Leining Tanja Adler INCYDE NEXTRAIL GmbH

The scene is set! Tomorrow Innotrans will start and we will be present with our Security demonstrator. Our slogan: Hack to protect! Come and meet us at our booth to see and discuss attack and defense technolgies based on real system experience! #Innotrans, Citycube Hall A, Booth 240 #cybersparring #cybersecurity #incyde #innotrans #questionyourassumptions

🚨 Dr. Martin Koop steps into the ring: Securing OT railway systems - test automation & pentesting at InnoTrans 2024 🚨 Congratulations to Martin, Leon Hagemann, INCYDE and Alain Kaffo, DB InfraGO on the publication of their article in Signal + Draht entitled ‘Question your assumptions: Practical experience with test automation and pentests’! Martin sees the topic of safeguarding OT railway systems as a sparring partner: A constant, dynamic process that makes it possible to continuously improve the resilience of railway systems through automated tests and pentesting. At #InnoTrans 2024, he will enter the ring with passion and address the questions and challenges of the industry. His aim is to act as a #partner in the dialogue, working with other experts to identify critical weak points and develop solutions. When you meet him at the show, you can expect an in-depth discussion on how test automation and Red Team Pentesting can transform the cyber security of railway systems. ➡️ Step into the ring! Join the discussion with Dr. Martin Koop at #InnoTrans 2024 and take the opportunity to explore the challenges of OT cybersecurity in railway systems together. Secure yourself an exciting sparring session on the topics of automated tests and security gaps in railway systems! We look forward to intensive and inspiring discussions! #QuestionYourAssumptions #cybersparring #incyde #innotrans #ot #cybersecurity #railsecurity

Macht euch bereit!   Wir gehen regelmäßig ins #cybersparring mit OT-Systemen. Für die #Innotrans haben wir ein weit verbreitetes Rail-System mit in den Ring genommen und auch unsere eigenen Annahmen konsequent hinterfragt.  Die gute Nachricht: Nach dem #Angriff kommt die #Verteidigung!    Was dabei konkret rausgekommen ist? Überzeugt euch selbst!   Innotrans: 24.09.-27.09.24, CityCube Halle A, Stand 240!   #incyde #QuestionYourAssumptions #cybersecurity #cybersparring #ot   Dominik Spychalski Richard Frhr. Poschinger Johannes Häring Dr. Martin Koop Matthias Wunderskirchner Roger Metz

Wer braucht heute noch Live-Events? Wir alle! Persönliche Treffen fördern den kreativen Austausch, schaffen Vertrauen und sorgen für den nötigen Spaß – genau die Aspekte, die in der heutigen Zeit entscheidend sind, um den Herausforderungen der #Cybersecurity zu begegnen. In nur einer Woche öffnet die #Innotrans 2024 in Berlin ihre Tore, und wir können es kaum erwarten, euch dort zu treffen! Kommt vorbei, tauscht euch mit unseren Experten aus und erfahrt alles über die neuesten Entwicklungen in der #RailwayCybersecurity. Dominik Spychalski, Matthias Wunderskirchner, Richard Frhr. Poschinger, Dr. Martin Koop, Andy Lämmerhirt and Max Schubert #incyde #innotrans #cyberboxing #ot #cybersecurity #cybersparring #QuestionYourAssumptions

Sparring Lesson #4: “You won’t win the fight because you had better-looking boxing gloves.”   We often hear about risk assessments' jaw dropping results, barely-believable value, and incredible tools, but basic questions always linger after a risk assessment is complete: - “What has been the actual benefit of this process? - And did I find out something new after all? - Will any of this still be valid in 6 months' time?” And you are right to ask these questions!   Why?  Because "shiny" tools and "fancy" presentations are not the value creators of a risk assessment, but rather industry-specific knowledge and experience. It's about knowing where things will likely go astray and where they will likely remain under control.    So what should you expect from a team performing a risk assessment?  You should look for real experts who have gotten "grease on their hands and mud on their faces". They are the ones who will tell you what "screws" will fail if pressure is applied to your security architecture.   So I don’t need any tools? No, of course you need your training plan and boxing gloves. But it’s not about having the “best” tool but about a team that fill it with the right content based on real knowledge and experience.   But enough about our views on risk assessments. We want to hear your thoughts! How do you ensure that risk assessments bring real value to your system design?   We look forward to your comments!   #incyde #innotrans #cyberboxing #ot #cybersecurity #cybersparring #QuestionYourAssumptions

Das #NIS2UmsCG kommt! Zum 17. Oktober 2024 wird die NIS2 in Deutschland in Form des NIS-2-Umsetzungs- und Cybersicherheitsstärkungsgesetz #NIS2UmsCG (sehr wahrscheinlich) in Kraft treten. Das sind weniger als sechs Wochen...   Was bedeutet das für den Bahnbereich? Drei Wesentliche Aspekte: - Schienenfahrzeuge sind im Vergleich zur "alten" KRITISV neu im Scope - Der Einsatz von kritischen Komponenten ist beim BMI anzuzeigen - und zwar VOR dem Einsatz - Geschäftsführer/CEOs werden stärker in die Pflicht genommen und MÜSSEN regelmäßig zur Security-Schulung gehen Daraus resultieren nicht nur Anforderungen für die Organisation sondern eine Vielzahl an detaillierter Anforderungen für die kritischen Komponenten auf der Fahrzeug- und Infrastrukturseite!   Für mehr Infos hol dir Artikel von Max Schubert im aktuellen Bahn Manager (hier als PDF zum Download) und komm gerne auf uns zu! Für mehr spannende Posts und Cybersecurity-Inhalte kannst du uns auch gerne followen!   #incyde #innotrans #ot #cybersecurity #cybersparring #QuestionYourAssumptions INCYDE

Früher..... So sollte kein Security-Training beginnen!