The Digital Networking Security Conference will take place on the first and second day of security essen in Hall 7 and is free of charge for trade fair visitors.
IOT devices and Internet connections of products and services, which were previously purely physical or self-sufficient, are creating new possible targets for cyber criminals. Smart homes, digital company buildings, video surveillance and access control in the cloud are just a few examples of the fact that the confrontation with data protection and information security is inevitable in the future - even for the previously purely physical world of security.
At the Digital Networking Security Conference, experts will report on current incidents, important interfaces between corporate and IT security, legal requirements that affect both worlds and practical implementation examples - both for those responsible for security in companies and public authorities - as well as for suppliers and installers of security technology.
Target groups
| 22.09.2026 | |
|---|---|
| 10:00 am | welcome |
| 10:00 am -10:45 am | tba |
| 10:45 am -11:30 am |
Smart Attacks vs. Smart Defence – How AI is Redefining Cyber Security Artificial intelligence is fundamentally changing the cyber threat landscape: attackers are using AI for automated phishing campaigns, deceptively realistic deepfakes and highly personalised social engineering campaigns. At the same time, companies are investing in AI-based detection and defence mechanisms. A race between AI and AI. The presentation highlights how organisations can effectively secure their own AI systems whilst simultaneously developing employees into a strong ‘human firewall’. The focus is on current threat scenarios, concrete protective measures and the question of why technology alone is no longer sufficient. After all, the decisive factor remains the human element: true resilience only emerges through the interplay of technology, organisation and a strong human firewall. Kim Großmann, Cyber Security Culture Consultant, MHP Management- und IT-Beratung GmbH Benedikt Bauer, AI Security Consultant, MHP Management- und IT-Beratung GmbH |
| Break | |
| 11:45 am -12:30 pm |
NIS 2 and the KRITIS Framework Act: How can we achieve what should have been prepared years ago? With the implementation of the NIS 2 Directive and the new KRITIS Framework Act, requirements are becoming binding that have been known in theory within many organisations for years. This presentation outlines what has actually changed in regulatory terms, who the new requirements affect, and why information security and risk management structures in particular must now be demonstrated to be robust. Drawing on typical practical observations, it shows how companies can sensibly align ISMS structures with business and production processes and document target/actual comparisons in a traceable manner. The focus is on pragmatic implementation approaches, governance issues and the most common stumbling blocks encountered in consulting practice. Igor Sturm, Senior Manager Information Security | Team Leader, AWADO GmbH |
| 12:30 pm-01:15 pm |
Guided Tour of the Darknet What and who are we actually defending our data against? How does a cybercriminal choose their victims? Philipp Frenzel and Merlin Stottmeister offer an insight into the depths of the darknet. From social engineering and malware infections to ransom demands and perpetrators who have been caught, this session reveals what goes on in this shadowy world. Philipp Frenzel, Senior Business Development Manager, Public Sector, Bechtle AG Merlin Stottmeister, IT Security Consultant, Bechtle AG |
| Break | |
| 02:10 pm -02:50 pm |
Doxing as a threat to organisations and employees: An overview of the phenomenon and possible protective measures The term ‘doxing’ derives from the hacker slang ‘dropping docs [documents]’ and, in the strictest sense, refers to the publication of a person’s personal information with the aim of causing them harm. Real-world cases demonstrate how employees can fall victim to doxing – for instance, through the publication of private contact details, followed by threats and harassment. Organisations can be affected by such incidents in various ways, for example as a target of attack (e.g. when an employee is attacked because of their work for the organisation) or as a means of harming an individual (e.g. when an employer is pressured to dismiss an employee). The presentation provides an overview of the phenomenon of doxing and highlights risks as well as possible protective measures for organisations and individuals. Daniel Stäcker, PhD candidate at Darmstadt Technical University |
| 02:50 pm -03:30 pm |
Minimum Viable Company: How businesses can quickly regain operational capability following a cyber attack This presentation explains why traditional full-scale recoveries following cyber attacks are often too slow and risky in practice. Instead, it introduces the ‘Minimum Viable Company’ approach, whereby businesses specifically prioritise only business-critical systems in order to quickly regain operational capability. Using concrete examples, the presentation explains how a secure restart of the IT and production environment can be prepared in a structured manner. It also highlights the organisational and technical prerequisites required for this. The aim is to support companies in reacting more quickly in an emergency and significantly reducing downtime. Timm Fuchs, Cybersecurity Lead DACH at Avanade Deutschland GmbH and Jens Tolkmitt, Cybersecurity Architect at Avanade Deutschland GmbH |
| 03:30 pm -04:10 pm |
Why you should keep canaries to protect yourself from hackers What do canaries, Alan Turing, Star Trek and cyber security have in common? This talk will explain the connections and, in particular, why you absolutely must keep canaries in your company. The speaker has practical experience in the field and will explain how he has already successfully implemented this in various companies. Using simple examples, he will demonstrate what you need to focus on if you want to follow his lead and save costs in the process. Andreas Englisch, IT Security Officer, Aerospace Industry, CISM |
| 23.09.2026 | |
| 10:00 am | welcome |
| 10:00 am -10:45 am | tba |
| 10:45 am -11:30 am |
Robotics and agent-based AI: When machines act autonomously – opportunities and risks AI agents promise a new dimension in the automation of tasks. But what happens if an AI agent breaches the security boundaries set for it, or if malicious attackers take control of AI agents? This presentation examines the current attack vectors targeting AI agents, the resulting risks to IT security, and how these can be addressed. Mirko Ross, CEO, asvin GmbH |
| Break | |
| 11:45 am-12:30 pm |
Digital sovereignty in Europe – an impossible dream? Starting with a brief overview of social and geopolitical developments, we will first examine the ‘classic’ threats to digital sovereignty: cybercrime and espionage. We will then turn to home-grown problems such as underfunded open-source software, the monocultures of American tech conglomerates, global dependencies, and Europe’s role in the age of AI. Finally, we will take a look at the challenges of a multipolar world order – and at how we can regain more control over our IT. Not today. Not tomorrow. But step by step over the coming years Florian Oelmaier, CTO of IS4IT GmbH |
| 12:30 pm -01:15 pm |
Managing cybersecurity incidents: communication, legal aspects, recovery AI models designed to automatically detect software vulnerabilities have recently caused quite a stir. Will this render reporting obligations for data breaches, security incidents and vulnerabilities obsolete? Whilst some reporting obligations – such as those under DORA or the NIS 2 implementation in the BSIG – have only recently been established, reporting of data breaches under the GDPR has been in place for years. The presentation highlights the similarities, differences and synergies between the various reporting regimes, as well as ways to make them more effective. It also looks ahead to upcoming developments – such as those brought about by the Cyber Resilience Act (CRA) or the Cyber Defence Act. Dr Aleksandra Sowa is a certified data protection officer, data protection auditor and IT compliance manager, an expert in IT security, and a member of the steering committee of the GI-FG PET |
| Break | |
| 02:10 pm -02:50 pm | tba |
| 02:50 pm -03:30 pm |
Converged Security in Control Centres: Integrating Physical Security and Cyber Resilience Modern control centres face the challenge of considering physical security systems and cyber security requirements together within an increasingly networked infrastructure. The presentation demonstrates how integrated PSIM platforms can help consolidate information from building, security and IT systems into a single situational overview, thereby improving responsiveness and situational awareness. Using selected practical examples, the presentation explains how processes and security measures can be efficiently integrated in modern control centres. Kai Eckstein, Director of Sales for Germany/Switzerland, Advancis Software & Services GmbH |
| 03:30 pm - 04:10 pm |
Awareness needs more A.C.T.I.O.N. This presentation demonstrates why, although traditional cybersecurity training courses impart knowledge on phishing, social engineering or password security, they often fail to lead to secure decisions in day-to-day work. The A.C.T.I.O.N. model serves as a practical framework of guiding questions that organisations can use to critically examine, design and further develop their awareness measures. The focus is on realistic attack scenarios, decisions made under time pressure, social reinforcement within the team, and iterative learning cycles rather than one-off training sessions. In this way, awareness evolves from isolated knowledge transfer into a controllable component of risk reduction within the organisation. David Bothe, Owner, Cyberbüro Bothe |
Plan your visit to the trade fair!
