Foto: ©Jefferson Santos – unsplash.com
New cooperation on cybersecurity research
Information security and data protection are of central importance to today’s society. Safety-critical infrastructures such as energy and water supply, healthcare, or communications and transportation networks are constantly at risk of being spied on or sabotaged via faulty computer systems. The ready availability of large data sets poses unprecedented risks to the security of organizations and to the privacy of every user. The underlying issues are highly complex and require significant advances in information security and privacy research.
The German government has responded to this situation with extensive investments in security research and – as a beacon – has launched a new research center: the Helmholtz Center for Information Security (CISPA) in Saarbrücken. Since its foundation and admission to the Helmholtz Association in 2019, CISPA has become one of the world’s leading research institutions for information security and data protection.
Cybersecurity research at CISPA
CISPA’s mission is to comprehensively and holistically address the pressing and major challenges of our digital society in the field of cybersecurity and data protection. The current 22 senior scientists combine basic research with innovative application-oriented research, technology transfer and societal discourse. Five research areas cover the entire spectrum from theory to empirical research: trusted information processing, reliable security guarantees, threat detection and mitigation, secure mobile and autonomous systems, and empirical and behavioral security.
One of the reasons why effective information security is so difficult to achieve: it involves real users and real software systems in practice, not in theory. From a security perspective, users do not necessarily act rationally. Because the applications and systems they interact with have reached an enormous level of complexity, users can hardly assess what could go wrong in terms of information security and privacy. This is exacerbated by a serious lack of understanding of how to implement security and privacy measures. They are seen as an obstacle rather than a help and are therefore often ignored or bypassed. Now, no one can ask users to become security experts in order to successfully protect their data. That is why CISPA scientists in the field of Usable Security and Privacy are developing technologies that are geared to the skills and needs of their users – as a contribution to information security in the real world.
Lower Saxony promotes security research
The government of Lower Saxony has recognized the importance of research on information security and data protection and is strengthening these areas at Leibniz Universität Hannover (LUH). In mid-2020, CISPA and LUH signed a cooperation agreement on collaboration in the field of information security, specifically Usable Security and Privacy. Together with the state of Lower Saxony, CISPA and LUH have now initiated the establishment of a dependent branch of CISPA in Hannover. The collaboration is initiated by the joint appointment of L3S member Sascha Fahl, professor at LUH since 2019 and winner of the 2018 Heinz Maier-Leibnitz Prize of the German Research Foundation (DFG). Professor Fahl’s research profile in the field of cybersecurity is an excellent fit for CISPA. As a further step, the establishment of a junior research group in the field of information security with a focus on industrial security is planned for early 2021.
Prof. Dr. Sascha Fahl
L3S member Sascha Fahl conducts research at Leibniz Universität Hannover and CISPA in the Human-Centered Cybersecurity competence area, which combines IT security topics with research methods from psychology and the social sciences to include the human factor in IT security solutions.