Information security

JUNE 2025

+++ Revised training program +++

The range of training courses on the subject of e-mail has been adapted on the basis of feedback from previous events. Thank you very much for your feedback and helpful suggestions for improvement!

Further information can be found on our training pages.

9th IT Security Awareness Days - IT-SAD 2025

Cross-university online event series on IT security - 12.05. to 23.05.2025

The University of Braunschweig has provided the following link to an interesting event.
Take advantage of the offer to learn more about information security:

++++++++++++++++++++++++++++++++++++++++++++++++++++

Dear ladies and gentlemen,

The IT Security Awareness Days will take place again this semester - IT-SAD 2025 in week 20 from 12.05.-16.05. and in week 21 from 19.05.-23.05.2025.

What are theIT Security Awareness Days?

It is a series of online events with presentations on all aspects of information security. The lectures are organized by various universities. Many universities are actively involved in the organization and implementation. This time there are lectures from the: TU Braunschweig, KU Eichstätt-Ingolstadt, Georg-August Uni Göttingen, Uni Osnabrück, Leibniz Uni Hannover, BWInfoSec/Reutlingen, Uni Köln and Uni Hildesheim. The lecture topics range from "Security in the home office" to "Social engineering" and are mostly aimed at users with no prior knowledge. However, there will also be more technical presentations, further information can be found on the announcement page https://www.tu-braunschweig.de/ciso/it-sad/it-sad-sommersemester-2025

Program
You can find the program online at https://www.tu-braunschweig.de/ciso/it-sad/it-sad-sommersemester-2025#c978544

All presentations will take place via WebEx, prior registration is not necessary:
Webex room for the presentations: https://tu-braunschweig.webex.com/tu-braunschweig/j.php?MTID=m581adb32c7dfccd46d609e2a4bc6260d
Joining should work via the WebEx client as well as all common browsers.

We look forward to active participation!

Yours sincerely,
Dr. Christian Böttger
Chief Information Security Officer (CISO)

Emergency brake for the surveillance catalog in the coalition agreement

Chaos Computer Club "CCC" calls for emergency brake for the

surveillance catalog in the coalition agreement

CDU, CSU and SPD drop all inhibitions. They are planning mass surveillance on three levels at once: Telecommunications, license plate and biometric data. The old and new huge piles of data are to be combed through with "automated data research and analysis". State hacking is also to be expanded.

The coalition agreement that the black-black-red government wants to conclude is so full of surveillance plans that every individual will be affected. Whether you communicate online, drive a car or post photos of faces online: All of this is to be recorded on a massive scale and analyzed if necessary.

And it's not just the mass surveillance and expansion of the use of state Trojans that is to come, the Christian Democrats and Social Democrats want a paradigm shift: informational self-determination is to be put to the stake, data use and all the "AI" nonsense is to be given priority.

The government-to-be is throwing overboard a concept that has so far been able to offer us some protection from the most disgusting effects of surveillance capitalism. But informational self-determination is a fundamental right and is not even up for discussion for free-wheeling surveillance believers who are oblivious to history. We must remind them of this.

The planned surveillance list

  • Data retention: All IP addresses and port numbers of all people are to be stored for three months without cause.
  • "Source tapping" is being expanded: This is the state trojan that monitors communications. The federal police will now also be allowed to hack.
  • Mass biometrics: A "biometric comparison with publicly accessible internet data" is planned, also "using artificial intelligence" (WTF?). The type of body data is undefined; face, voice, DNA are conceivable. In addition, "remote biometric identification" is permitted.
  • Grid search: An "automated data search and analysis" is to be created for the data dumps of police forces and secret services. Hesse, North Rhine-Westphalia and Bavaria use software from the US company Palantir for this purpose.
  • People "with psychological abnormalities" are to be screened for their potential risk of violence and are to be subject to "inter-agency risk management". CDU-Linnemann called it the register for the mentally ill.
  • Even more surveillance capitalism: we are to be handed a "culture of data use and data sharing that establishes a data economy". The right to informational self-determination would become a joke.
  • Automated license plate reading systems are to record vehicle license plates.
  • More video surveillance, wherever crime is to be combated with lots of cameras instead of sensible measures.
  • Even more secret service data exchange with even less control.
  • The government wants to expand what it misleadingly calls "active cyber defense ". Hacking back is not a defense, but an attack.

If this list doesn't put you in a bad mood, you can't be helped. The CDU, CSU and SPD seem to have learned nothing from decades of established supreme court case law. They are not only sticking to their stubborn insistence on data retention, but are also planning further mass data collection of innocent people without cause.

This draft coalition agreement shows that the waffling phrases about "sovereignty" in the context of "digitalization" are mere window dressing. This is obviously only supposed to exist for US tech companies: With the mantra of mutating us into an "AI nation", the coalition is already sinking to its knees before the new machine landlords as a precaution, with shadow intelligence services such as Palantir included.

As a result, the paper delivers a dictatorship cutlery set, turnkey and tailor-made. The successor government is already licking its repressive claws.

The members of the SPD still have the chance to pull the emergency brake and prevent the dismantling of important basic rights. We therefore appeal to the Social Democrats: Do not vote for this watch list!

Left:

Draft of the coalition agreement between the CDU, CSU and SPD in the 21st legislative period: https: //fragdenstaat.de/dokumente/258046-koalitionsvertrag-cdu-csu-spd-2025-entwurf/

Found on https://www.ccc.de/de/updates/2025/ueberwachungshoelle

Information security at universities

Science Minister Clemens Hoch: We are expanding information security at universities in the state

The university presidents and Science Minister Clemens Hoch have signed a new joint state strategy in Mainz to increase information security at universities in Rhineland-Palatinate.

"Universities are also increasingly being targeted by cyber criminals. With their sensitive data, they must therefore be better prepared for cyber attacks in the future. I am delighted that we have found a joint response to the increasing threat to universities in the state with the new state strategy to increase information security. Our universities will work together even more closely on this topic in future in order to share experiences, learn from each other and join forces. The state is supporting them in this process and is providing a total of around five million euros in the upcoming double budget to strengthen information security," said Science Minister Clemens Hoch at the signing ceremony.

"The universities in Rhineland-Palatinate greatly appreciate the efforts made by the state to increase their information security. We are aware that these are indispensable investments that we as universities can only meet together with the support of the state. In view of the vulnerability of our digital infrastructures, it is extremely necessary and wise to pool the expertise of our universities and make efficient use of synergies in order to jointly develop solutions for greater cyber security," added Prof. Dr. Susanne Weissman, Chairwoman of the State Conference of University Presidents (LHPK) and President of Mainz University of Applied Sciences.

With the new state strategy to increase information security at universities, a series of measures have been agreed to make universities more resistant to security threats in the future. If security incidents do occur, they should also be able to react in a structured and planned manner. To this end, measures at the individual universities and central measures have been closely coordinated. Clear responsibilities and processes with regard to information security are to be created locally. At the same time, exchange and cooperation are to be strengthened in order to pool existing expertise and learn from the experiences of other universities.

Among other things, information security officers are to be established at all universities to further promote information security in an advisory and coordinating capacity on site and in exchange with the information security officers of other universities. Where full-time information security officers have already been established, the additional personnel resources can be used for a specific purpose in the area of information security - for example to set up a deputy.
In addition, the universities want to gradually implement the requirements of the IT baseline protection methodology of the Federal Office for Information Security (BSI) by 2030 if possible. A new Information Security Service Center ("RARP SIS") is also to be set up at the University of Kaiserslautern-Landau as another service of the Rhineland-Palatinate Data Center Alliance (RARP), which will advise and support the universities in the introduction of BSI baseline protection, bundle relevant information on information security and build up a university-wide pool of training and awareness measures. The individual universities have limited IT resources to deal with serious incidents such as cyber attacks. In a cooperative structure such as the RARP SIS, the expertise and information available locally can be pooled more effectively in future.

Regular monitoring of the implementation status of the national strategy by the information security officers should ensure implementation progress, identify obstacles at an early stage and ensure a solution-oriented exchange of information.

Found on https://mwg.rlp.de/service/pressemitteilungen/detail/wissenschaftsminister-clemens-hoch-wir-bauen-die-informationssicherheit-der-hochschulen-im-land-aus

Information and downloads