Focus on AI and IT Security

The St. Pölten UAS’ event IT-SECX serves as a platform for the exchange of knowledge and information about trends, technologies, and the latest developments in IT security. Under this year’s motto “AI & Security”, the conference addressed the topic area of artificial intelligence in a cyber security context. Experts presented current research projects, experience reports, and best practices.

The established conference IT Security Community Exchange (IT-SECX) was held at the St. Pölten University of Applied Sciences once again on 11 October 2024. Under the motto “AI & Security”, it dealt with the topic of artificial intelligence in the context of cyber security.

AI & Security: Insights into Current Challenges and Developments

Artificial intelligence (AI) is frequently praised as a generic means of improvement that makes work processes easier and results better – also in the field of cyber security. However, there is a fact that tends to be overlooked: AI is available not only to the defenders, but also to the attackers. In other words, AI has the power to enhance both the quality of threat detection and the complexity of attacks to a considerable degree. Nevertheless, there is the potential to make substantial progress with AI, particularly through the automation of security processes, and to use the scarce resources in cyber security more efficiently.

Protecting AI Systems: Red Teaming as a Security Strategy

Daniel Fabian, head of the Machine Learning Red Team at Google Zurich, kindly attended the event as keynote speaker. In his presentation “Red Teaming in an AI World”, he explained how so-called generic tests – also known as Red Teaming – play a central role in making AI functions and products secure. His keynote addressed the various forms of AI Red Teaming including content security checks, the testing of dangerous abilities, and generic simulation. He demonstrated which strategies and methods attackers might use to manipulate or specifically attack AI systems. Moreover, Fabian outlined the latest tactics, techniques, and processes (TTPs) developed to threaten the security of AI even more effectively.

Additional Programme Tracks for the First Time: Offence, Defence, OT Security, and More

In addition to the main track following the topic “AI & Security”, the participants had the opportunity – due to the strong demand – to attend four more programme tracks: on the topics of Offence/Pentesting, Defence/Detection, OT & Industrial Security (this one made reference to the current set of rules called “NIS2” in addition to technical topics), and a mixed track dedicated to further issues ranging from code analysis through information security metrics to security awareness.

“The IT-SECX impressively showed that the security community is intensively dedicating itself to the topic of artificial intelligence. Renowned experts provided us with fascinating insights into various current challenges and developments. The approximately 750 participants once more used our conference to engage in lively exchange and gain valuable insights”, says Thomas Brandstetter, organiser and chairperson of the IT-SECX programme committee, who is pleased with the outcome.

The programme was rounded off with a company exhibition and an alumni lounge for graduates of the St. Pölten UAS’ study programmes in IT Security.

One of the event’s long-standing sponsors, the WKO UBIT (business consulting, accounting, and information technology – Lower Austria), was once more part of the IT-SECX.

Save the date: The IT-SECX 2025 will take place at the St. Pölten UAS on 03/10/2025.

About the IT-SECX

The IT-SECX is aimed at students, persons engaged in research and teaching, experts from organisations and businesses, school pupils, and all geeks and nerds interested in IT and IT security. Every year, the conference offers more than 700 participants a practice-oriented exchange of information about current developments and trends in IT security.