August 19th 2020

DiBSE Insights: IT Security in unsecure times of COVID-19

Our lecturer Dr. Pascal Schöttle gives exciting insights into his research area.

 

For two years now, Dr. Pascal Schöttle has been teaching online in the bachelor's program
For two years now, Dr. Pascal Schöttle has been teaching online in the bachelor's program "Digital Business & Software Engineering", aka DiBSE, including the course IT Security, and has played a key role in designing this study program. Credit: MCI

The COVID-19 outbreak has created unprecedented challenges for businesses and educational institutions. In order to maintain their operations, they needed ad hoc functional and above all secure digital alternatives to the traditional office or lecture hall. In an interview, our editor Dr. Pascal Schöttle reveals the IT security challenges that the corona crisis presents us with and how he prepares his DiBSE students for a future in IT.

What are the biggest challenges in the new digital collaboration, especially with regard to IT security?

One major challenge that the COVID-19 crisis has presented us with is certainly the instant transfer of most of our everyday work to a home office format. From an IT security point of view, the lack of awareness of employees and the short transition period have been particularly relevant. Due to the increasing use of tools for digital collaboration in the home office, video conferencing and the like, this area is attractive to criminals. It has been clearly seen that phishing and spam emails, which specifically address this issue, have increased dramatically. Another point is that working from home requires strong authentication mechanisms, which have been neglected in many areas until now. In addition, many solutions for increasing IT security are not exactly user-friendly. Especially people with less technical skills have problems to use and apply them correctly. An additional challenge concerns the privacy of all those people who are now online more frequently and could therefore be monitored in even more areas. Employers, in particular, are called upon not to use tools for employee monitoring in the home office.

What do companies and universities have to do now to make themselves crisis-proof and thus future-proof in terms of IT security?

The biggest mistake now would be to go back to the status before the COVID-19 crisis. Many of the systems that were "created out of thin air" due to the pandemic are certainly in need of improvement, but there is no way back. Students and staff should now be trained specifically in security and privacy awareness and the systems currently in use should be continuously improved. Generally, IT security should be implemented into new concepts from the start. The increasing automation of security mechanisms and the idea of "security by design" are good foundations for a secure future. Especially in the higher education sector, it can be assumed that a large proportion of courses will be held online in the foreseeable future. Here it is of course the responsibility of the respective university to ensure that students are not exposed to additional threats to IT security and privacy.

The DiBSE Bachelor's program was designed as an online program from the very beginning. How helpful was the experience already gained here?

In this respect, of course, we had a huge advantage over many other study programs, here at the MCI, but also at most other universities. On the one hand, online teaching requires completely different didactic concepts from the teaching staff. On the other hand, students also have to get used to online learning. We have been tackling both of these issues in DiBSE for two years now, without the time pressure to which many attendance courses are now exposed. In addition, we had already considered many alternatives to the current solutions in DiBSE, which we have now implemented even faster than we might have planned. For example, how to conduct individual exams without the presence of students. In this case the past two years have been good preparation as well and I think that our students have hardly noticed any difference from the last semesters. Except, of course, that the personal relationship between teachers and students, which has benefited greatly from the attendance days, is somewhat less pronounced due to the situation in recent months.

What were the big "lessons learned" from the past months and what do you give your DiBSE students to take with them for their future in IT?

In the past few weeks, many people have learned that a sensible use of information technology can make life easier. Whether it is to contact loved ones in times of curfews or quarantines, whether it is the transfer of work or teaching content to the virtual world or simply the safe shopping of food online. In all these areas IT is essential, especially in times of great uncertainty. Helping to shape and further improve these technologies was an exciting and important task even before the pandemic. Now it became even more important and this is exactly what we train our students for. This comes with great responsibility, but also a lot of fun and fulfillment!

Contact
Prof. Dr. Peter J. Mirski | Head of Department & Studies Bachelor's program Management, Communication & IT
Prof. Dr. Peter J. Mirski Head of Department & Studies
Prof. Dr. Pascal Schöttle | Leave of Absence Bachelor's program Digital Business & Software Engineering
Prof. Dr. Pascal Schöttle Leave of Absence +43 512 2070 - 4332