Fraunhofer Heilbronn Research and Innovation Centers HNFIZCybersecurity is presenting companies with major challenges. According to the insurance group Allianz, cyber attacks present the greatest risk to companies worldwide. Companies must be open to digitalization, but at the same time digitalization increases opportunities for cyber attacks and requires increased efforts in cybersecurity and privacy protection.
The Research and Innovation Center “Cybersecurity” is being developed as a new institute branch of Fraunhofer SIT (Institute for Secure Information Technology), which cooperates with the existing research departments of Fraunhofer SIT and the National Research Center for Applied Cybersecurity (ATHENE) in its R&E work. The work of the Research and Innovation Center “Cybersecurity” with the overarching focus on “Enterprise Security” is geared towards improving security within organizations by means of exceptional research, e.g., through the development of new security solutions using analysis and studies.
Focus areas:
- AI and Cybersecurity: Defense against cyber attacks targeting AI (e.g., vulnerabilities in AI), AI for defense against attacks (e.g., anomaly detection) and defense against attacks using AI (e.g., deepfake detection).
- Zero Trust: Strengthening cybersecurity, even if attacks have overcome initial lines of defense.
- IT Product and Supply Chain Security: Improvement of software security in complex development processes.
- Legally Compliant Technology Design and Processes: Governance, risk management and compliance in conjunction with cybersecurity and privacy protection.
- Cyber Training and Education: Strengthening cybersecurity in organizations by means of practice-oriented professional development.
- Security and robustness of AI systems: detection of manipulated AI models (e.g. backdoors), analysis and attribution of safety mechanisms in Large Language Models (LLMs), as well as defense against targeted attacks on LLMs — including penetration testing, prompt injections, and resource exhaustion attacks.
- Cybersecurity for critical infrastructures (KRITIS): preparedness for zero-day vulnerabilities and protection against forever-day threats in IT and OT environments of critical infrastructures.