BEGIN:VCALENDAR VERSION:2.0 PRODID:ics.py 0.8.0-dev0 - http://git.io/lLljaA BEGIN:VTIMEZONE TZID:/ics.py/2020.1/Europe/Berlin BEGIN:DAYLIGHT TZOFFSETFROM:+0100 TZOFFSETTO:+0200 DTSTART:19700329T020000 RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU RDATE:19700329T020000 TZNAME:CEST END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:+0200 TZOFFSETTO:+0100 DTSTART:19701025T030000 RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU RDATE:19701025T030000 TZNAME:CET END:STANDARD LAST-MODIFIED:20200620T153818Z X-LIC-LOCATION:Europe/Berlin END:VTIMEZONE BEGIN:VEVENT DTSTART;TZID=/ics.py/2020.1/Europe/Berlin:20210413T100000 DTEND;TZID=/ics.py/2020.1/Europe/Berlin:20210413T130000 SUMMARY:CERT@VDE: Between law and technology - risk minimization! But how? UID:382179b3-6775-4390-bc7f-18756da2f28a@3821.org DESCRIPTION:Type: On location\n\n\nIn the age of Industry 4.0\, increasing digitalization poses new challenges for industrial cyber security.Session 1: Efficient risk minimization through CERT@VDEWhile large companies often already have their own Computer Emergency Response Teams (CERTs) and specialized Product Security Incident Response Teams (PSIRTs)\, small and medium-sized enterprises (SMEs) usually do not have them or only have limited resources. In addition\, they often lack routine in dealing with vulnerabilities\, creating security alerts (advisories) and communicating\, e.g. with external security researchers or other CERTs\, such as the ICS-CERT in the USA. In addition\, most manufacturers have so far been working on a solution on their own. As a rule\, there is no cross-company exchange\, although a vulnerability often affects different manufacturers and synergy effects can be exploited through cooperation. In the event of a serious vulnerability\, SMEs lack the experience\, expertise and information to deal with the acute threat situation in a confident\, coordinated and comprehensive manner.CERT@VDE is the first platform in Germany for coordinating IT security issues specifically for SMEs in the industrial automation sector: It offers manufacturers\, integrators\, plant constructors and operators from the industrial automation sector the opportunity for an intensive and trusting exchange of information and concrete support on the topic of cybersecurity.SpeakerAndreas Harner\, Abteilungsleiter CERT@VDE &\; Cybersecurity\, VDE Verband der Elektrotechnik Elektronik Informationstechnik e. V.Session 2: Responsibility for IT products: Obligation to update or updating freestyle?IT security is an ongoing process - this also applies to software updates for products that affect IT security. Welche rechtlichen Anforderungen gelten hier jetzt und zukünftig? In welchem Umfang muss ich Updates bereithalten\, und eventuell sogar kostenfrei? Diese und weitere Fragen soll der praxisnah gestaltete Vortrag klären.SpeakerDr. Dennis-Kenji Kipker \, Legal Advisor\, CERT@VDESession 3: Of 0days and exploits - vulnerabilities in software and their remediesThere is a lot of talk about vulnerabilities in software products\, often highlighting individual vulnerabilities in detail. However\, the actual problems differ greatly in terms of both their effects and their causes. We provide an overview of the different types of security vulnerabilities in software\, how they arise and how they can be prevented in a modern\, agile development model.SpeakerJan Münther\, Head of Digital Product Security\, OSRAM GmbHThe webinar will take place on April 13\, 2021 from 10 am to 1 pm and is part of the three-part event series "Between Law and Technology - Cybersecurity in Business Practice" by reuschlaw Legal Consultants and the VDE.Tickets cost 99\,-- € plus taxes and fees and can be purchased at Eventbrite. LOCATION: DTSTAMP:20260423T114516Z END:VEVENT END:VCALENDAR