Symbolic Picture: Adobe Stock
When it comes to digital security, many users simply feel overwhelmed. Every new connected device creates potential vulnerabilities. While companies have their own departments with expertise in digitalisation and digital security to oversee the introduction and use of new technologies, private households often lack the knowledge, resources and structural support.
The European Union has declared October to be European Cybersecurity Month in order to draw attention to the urgency of the problem. Researchers from the Bavarian research network ForDaySec, coordinated by the University of Passau, have taken this as an opportunity to publish a white paper. The paper outlines specific scenarios, research perspectives and options for action. It emphasises that cybersecurity is a task for society as a whole.
According to the researchers, Bavaria has the potential to become a model region in Europe in the field of digital security in everyday life. In the white paper published on 1 October, the disciplines involved in the alliance list the following recommendations for action, among others:
- Computer science: A new generation of smart home applications with integrated artificial intelligence (AI) creates convenience, but also new vulnerabilities. Many functions of today's smart home systems are outsourced as cloud services, often to providers outside the EU. In order to retrofit additional security mechanisms, AI systems should be operated locally and decentrally on end devices – in combination with open standards. This would ensure control. Research and manufacturers should share responsibility for this.
- Legal science: Retailers should ensure that they receive updates in the supply chain and seek legal advice in good time – not least in order to ensure long-term security in everyday digital life.
- Social science: A systemic understanding of responsibility, roles and everyday logic is needed to design effective security solutions.
We need strategies that take uncertainty into account and still allow us to remain capable of acting.”
Professor Stefan Katzenbeisser, University of Passau
Professor Stefan Katzenbeisser, co-spokesperson and holder of the Chair of Computer Engineering at the University of Passau, emphasises: “Not everything can be built securely. But many things can be integrated securely. To do this, we need strategies that take uncertainty into account and still allow us to remain capable of acting.”
Dr Henrich C. Pöhls, Managing Director of the IT Security Centre at the University of Passau and researcher at the Chair of IT security, advocates for greater offline capability in “smart” solutions: "Smart everyday devices constantly send data and are networked with each other – whether necessary or not. By restricting network communication or even isolating devices from the internet altogether, you not only protect their critical functions, but also achieve greater privacy in everyday digital life. We want smart capabilities ‘offline’ too."
Passau legal expert Professor Thomas Riehm from the Institute for Digital Society Law is also involved in the Bavarian network. He demands: "Digital products must continue to be supported after purchase – not only to fix errors, but also to ensure security throughout their entire life cycle. This urgently requires legal certainty and clear guidelines for companies and consumers."
The message of the white paper: responsibility for digital security must no longer be shifted onto individuals. Instead, it should be shared by society as a whole, risks minimised and support made easily accessible.
The researchers advocate targeted funding for cybersecurity research in Bavaria. They believe that the state combines strong industry, excellent research and a spirit of innovation – ideal conditions for becoming a model region for other federal states and Europe in the field of everyday digital security.
The FORDaySec research cluster – Security in everyday digitalisation
Coordinated by the University of Passau, the interdisciplinary research cluster "ForDaySec – Security in everyday digitalisation" is investigating new types of technical procedures that provide cybersecurity to private households, small- and medium-sized enterprises (SMEs) and the public administration.
About the ForDaySec research network
Since April 2022, the Bavarian research network “Security in Everyday Digitalisation” (ForDaySec) has been investigating innovative technical procedures for cyber security in private households, small and medium-sized enterprises and public administration. For the first time, it brings together research from computer science, law and social sciences to think about security in a systemic way. To this end, five Bavarian universities have pooled their expertise in an interdisciplinary manner. The network is funded by the Bavarian State Ministry of Science and the Arts.
This text was machine-translated from German.
Professor Stefan Katzenbeisser
How can critical infrastructures in a networked world be protected against cyber attacks?
How can critical infrastructures in a networked world be protected against cyber attacks?
Professor Stefan Katzenbeisser holds the Chair of Computer Engineering at the University of Passau. He researches cyber security in embedded systems, critical infrastructures and technical data protection. He is spokesperson of the research cluster "ForDaySec - Security in everyday digitalisation", which is funded by the Bavarian Science Ministry. Besides participating in research projects on secure mobility, he is also involved in the research initiative "6G Research and Innovation Cluster (6G-RIC)". Since November 2023, Professor Katzenbeisser has been a representative of the DFG Review Board “Security and Dependability, Operating, Communication and Distributed Systems”.
Professor Thomas Riehm
What does digitalisation mean for the application and development of laws that are over 100 years old?
What does digitalisation mean for the application and development of laws that are over 100 years old?
Professor Thomas Riehm holds the Chair of German and European Private Law, Civil Procedure and Legal Theory and is the speaker of the Institute for Digital Society Law (IRDG) as well as a member of the Passau Institute for Digital Security (PIDS). His main research interests are contract and liability law with a focus on IT matters but also civil dispute resolution, including their digitalisation. Among other areas, he focuses on the legal issues that arise from the digitalisation of civil law proceedings, the use of AI, contract law for digital services, and the adaptation of form requirements to digitalisation needs.
