15 Years of Unternehmens- und IT-Sicherheit: Theory and Practice

As part of the “Unternehmen Zukunft” series, researchers from Hochschule Offenburg and industry experts presented current aspects of the degree program.

17.04.2026 · Press release · Editorial Office: jd

A man is standing to the right of a lectern, explaining something to the people seated in front of him
At the event marking UNITS’ 15th anniversary, Dean of Studies Andreas Schaad looked back on the department’s development and looked ahead to the future.

As artificial intelligence continues to advance, the issue of corporate and IT security is becoming even more important than it already is. Just a few days ago, it was reported that Anthropic does not intend to make the software for its AI model, Claude Mythos, publicly available, as hackers could use it to easily detect and exploit countless unknown security vulnerabilities in IT systems previously considered secure. All the more reason to celebrate the 15th anniversary of the bachelor's program in Unternehmens- und IT-Sicherheit (UNITS) at Hochschule Offenburg. Dean of Studies Andreas Schaad therefore invited company representatives, alumni, and students to an event as part of the “Unternehmen Zukunft” series organized by Hochschule Offenburg and Zukunft.Raum.Schwarzwald, to exchange ideas on research projects, career paths for UNITS graduates, and challenges in this dynamic field. Interest was so high that additional chairs had to be brought into the packed lecture hall.

And the seven speakers—including six UNITS alumni—did not disappoint the audience. First, Vanessa Barnekow (Offensive Security Manager, NVISO Security GmbH) used the example of penetration testing (or “pentesting” for short) to explain who can be replaced by AI and who cannot. Her conclusion: AI will increasingly take over the task of detecting vulnerabilities, but human pentesters will become increasingly important for interpreting the results, drawing conclusions from them, and communicating those findings to company leadership. Fabian Hagg (Senior Security Researcher, Onapsis) then highlighted how important regular and timely security updates are for companies to minimize risks and protect their systems from cyberattacks. Haag cited “SAP Security Tuesday” as an example: The software company releases security updates and patches monthly—usually on the second Tuesday of the month—to address critical security vulnerabilities. Dennis Barnekow (Freelance Penetration Tester, IT-Security Barnekow) then addressed the topic of starting a business and self-employment in the field of penetration testing. He outlined the advantages and disadvantages of independent penetration testing—both for the tester and for the client company. The presentation by Christopher Harms (Team Lead, Security & Network Services, Markant Services International GmbH) made it clear that IT security can hardly be managed by a single company alone, but is rather a collaborative effort—for example, with an “information logistics provider” such as Markant. Dennis Schmid (Global Business Continuity & Crisis Manager, Rolls-Royce Power Systems AG) then addressed the question of what to do when everything comes to a standstill after a successful cyberattack, yet a global corporation must continue to operate. In response, he shared numerous practical examples of successful business continuity management and crisis management. To ensure that this doesn’t become necessary in the first place, there are information security consultants like Pascal Bauer (Information Security Consultant, aramido GmbH). He reported on his own life, from his studies to his career. And last but not least, Leon Schmidt (IT Security Consultant, cirosec GmbH) shared a positive message with the audience: that an attack vector—a potential pathway through which an unauthorized person could infiltrate or compromise a foreign computer system—is just one vector among many. Experts such as the UNITS graduates can calculate or assess the risk posed by attack vectors using quantitative methods and thus prioritize appropriate security measures in a targeted manner.

The corporate representatives and students in attendance then used the concluding “Meet & Greet” to make initial contacts or gather further practical tips from the speakers.

Zukunft.Raum.Schwarzwald

The RegioWIN flagship project Zukunft.Raum.Schwarzwald aims to boost the innovative capacity of small and medium-sized enterprises by promoting structured, needs-based knowledge and technology transfer, and to integrate rural and suburban areas—through coworkingand innovation hubs.