{"id":1493,"date":"2023-07-14T11:11:14","date_gmt":"2023-07-14T11:11:14","guid":{"rendered":"https:\/\/gb25.eco.de\/security\/"},"modified":"2026-05-07T09:54:33","modified_gmt":"2026-05-07T09:54:33","slug":"security","status":"publish","type":"page","link":"https:\/\/gb25.eco.de\/en\/topics\/security\/","title":{"rendered":"Security"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

Security<\/h1>\n\n\n\n

Security is a key priority for eco. As a cross-cutting issue, it permeates all areas of application and levels of the Internet. In addition to a wide range of initiatives and services, a dedicated Competence Group addresses current security issues from the industry\u2019s perspective. Complementing this, the Anti-Abuse Competence Group promotes internal exchange among members on current abuse-related topics, thereby strengthening collective expertise.<\/p>\n\n\n\n

\n
\n

IT Security Survey<\/h2>\n\n\n\n

Once a year, eco surveys IT security experts as part of the \u201cIT Security\u201d survey<\/strong> to gather their assessments of the current threat landscape, their evaluation of key security issues, and their views on relevant developments and trends. The topics covered range from the general and individual threat landscape, through organisational and technical measures, to forward-looking industry trends.<\/p>\n\n\n\n

On 27 October, eco published the results of the eco IT Security Survey 2025: How AI is Becoming the New Shield<\/a>. The threat situation continues to be assessed as very high. At the same time, companies are acting increasingly strategically and with foresight. AI is establishing itself as a central element of modern security architectures: it enables early identification of attacks, faster detection of complex patterns in large volumes of data, and sustainable strengthening of cyber resilience. In this way, AI is increasingly becoming a protective measure in a dynamic and highly complex threat landscape.<\/p>\n\n\n\n

The Future of Cybersecurity<\/h3>\n\n\n\n

The rapid development of digital technologies and the increasing interconnectedness of all areas of life present companies with a multitude of complex challenges. In the face of threats such as cyberattacks, data misuse and the manipulation of information systems, it\u2019s becoming increasingly important to develop new strategies and solutions for protection.<\/p>\n\n\n\n

In a world where artificial intelligence, the Internet of Things and quantum computing are gaining in importance, new opportunities are opening up, but so are new risks. At the meeting of the Security Competence Group on 11 March, experts discussed key future topics in cybersecurity<\/strong> and analysed how innovative approaches can be used to make the digital world safer.<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n
\n
\n

OT Security<\/h2>\n\n\n\n

At the event \u201cSecurity meets Operational Technology<\/strong>\u201d on 13 May, experts discussed the increasing convergence of IT and OT and the resulting security risks for companies. Modern production facilities, sensors and control systems are now highly connected and therefore more vulnerable to cyberattacks, which is why OT security must be given greater priority. During the event, it was emphasised that companies should implement measures on three levels: cultural, technical and organisational. <\/p>\n\n\n\n

At the cultural level, the aim is to view OT more strongly as part of the IT security strategy and to systematically record all OT devices in use. Technically, companies should, among other things, segment networks, reduce unnecessary access points and implement basic security measures such as VPNs or monitoring. Organisationally, it was emphasised that IT and OT teams must work more closely together and define clear responsibilities to ensure a holistic security strategy.<\/p>\n\n\n\n

Disinformation Security<\/h2>\n\n\n\n

In times of increasing connectivity and global crises, disinformation<\/strong> \u2013 for example in the form of deepfakes, artificially generated profiles and targeted online campaigns \u2013 is becoming increasingly relevant in political and societal terms. It influences public discourse, undermines trust in the media and poses a serious challenge to democratic processes.<\/p>\n\n\n\n

During the meeting of the Security Competence Group on 24 June, this topic was therefore examined from a cybersecurity perspective. The focus was on the question of what impact targeted disinformation has on our society, political stability and trust in digital media \u2013 and to what extent IT security technologies can help counteract such developments.<\/p>\n\n\n\n

In addition to providing in-depth technical insights, the event offered members of eco and EuroCloud the opportunity to discuss technical, legal and ethical aspects through joint dialogue.<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n
\n
\n

Quantum Cryptography<\/h2>\n\n\n\n

As part of Global Encryption Day 2025 on 21 October, the Security Competence Group hosted the webinar \u201cQuantum cryptography \u2013 the future of secure communication<\/strong>\u201d, during which experts discussed the impact of quantum computers on today\u2019s encryption systems. The focus was on the growing power of quantum computers, which could in future break common asymmetric encryption methods such as the RSA cryptosystem \u2013 a scenario often referred to as Q-Day. Against this backdrop, speakers emphasised that companies and public institutions should develop strategies for quantum-secure communication at an early stage, as the migration to new methods could take several years. Two technological approaches were discussed in particular: post-quantum cryptography, which is based on new mathematical methods, and quantum key distribution, which utilises the physical properties of quantum mechanics for secure key transmission.<\/p>\n\n\n\n

In addition, challenges relating to standardisation, certification and integration into existing IT infrastructures were addressed. The webinar made it clear that quantum-secure communication already plays a strategic role in IT security and digital sovereignty today.<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n
\n
\n

Digital Identities<\/h2>\n\n\n\n

The meeting of the Security Competence Group on 18 November focused entirely on modern identity infrastructures.<\/strong> The discussion focused on the central role that digital identities play in ensuring secure access to systems, data and digital services within interconnected IT landscapes. Alongside technological fundamentals, practical use cases were also presented \u2013 for example, in connection with identity management, role-based access systems and new approaches such as the EUDI Wallet.<\/p>\n\n\n\n

Another key focus was on how companies can meet both security requirements and regulatory mandates through interoperable and cryptographically secured identity solutions. The speakers also highlighted the importance of topics such as crypto-agility, certificate management and automated identity processes for resilient IT infrastructures. The event thus offered participants both technical insights and a forum for discussing the challenges and prospects of secure digital identities in business and public administration.<\/p>\n\n\n\n

Cyber resilience<\/strong><\/h2>\n\n\n\n

At the webinar \u201cSecurity Operations Centre 2.0 \u2013 Resilience as a Strategic Success Factor in Cybersecurity<\/strong>\u201d on 25 November, experts discussed the future role of modern Security Operations Centres (SOCs) in an increasingly complex threat landscape. The focus was on how companies can further develop their security structures in the face of rising cyber risks and new regulatory requirements \u2013 particularly those arising from the NIS2 Directive.<\/p>\n\n\n\n

A key conclusion of the event was that a next-generation SOC must no longer be focused solely on responding to security incidents, but must actively contribute to strengthening cyber resilience. This includes, among other things, greater strategic integration of security processes, continuous risk analysis and better integration of technical and organisational measures.<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n
\n
\n

ISD 2025<\/h2>\n\n\n\n

The Internet Security Days (ISD) 2025 once again brought together experts from business, academia, politics and public administration at Cologne\u2019s RheinEnergieSTADION on 15 and 16 September to discuss current cyber threats, new technologies and the political framework. A key topic was email security as part of the \u201cYear of Email Security\u201d proclaimed by the Federal Office for Information Security (BSI), supplemented by workshops, presentations and discussions on the practical implementation of relevant security standards.<\/p>\n\n\n\n

Other key areas of focus included the security of digital infrastructures as the foundation for digital transformation and cyber resilience \u2013 that is, strategies for defending against ransomware, phishing and other threats. Alongside the technical programme, events such as Security Night powered by F5 and a stadium tour offered additional networking opportunities. Overall, the event highlighted the complexity of IT security and the need for collaboration, innovation and broad exchange.<\/p>\n\n\n\n

Further information here<\/a>.
<\/p>\n<\/div>\n\n\n\n

\n
\"\"<\/figure>\n<\/div>\n<\/div>\n\n\n\n
\n
\n

Publications, short studies and news<\/h3>\n\n\n\n