SerNet News

SerNet is continuing to support the Deutschlandstipendium at the Georg-August University of Göttingen in the current funding period 2020/21. This time, the scholarship funded by SerNet goes to Gesa Bei der Wieden, a student of Computer Science and German Philology in her 3rd semester. A total of 252 Deutschlandstipendien could be awarded at the Georgia Augusta for the support period..

The small ceremony for the scholarship holders and sponsors took place online this time. The goal of the Deutschlandstipendium is for universities, the federal government, and sponsors from business and society to jointly support particularly committed students. To this end, the scholarship holders receive 300 euros per month for one year; 150 of these are provided by sponsors, 150 euros are co-financed by the federal government.

SerNet is a long-standing supporter of the Deutschlandstipendium. Since the start of the initiative, funding has flowed to the HAWK - University of Applied Sciences and Arts Hildesheim/Holzminden/Göttingen. Since the 2019/20 winter semester, the company has taken over one scholarship a year at the Georg-August University of Göttingen.

More about the Deutschlandstipendium on the information pages of the University Göttingen.

With verinice. SerNet GmbH provides the only open source tool for the management of information security (ISMS). In order to grow dynamically and to further advance the development of the software, the team is looking for additional members with immediate effect.

Three positions are currently open:

• Front-End Developer for verinice. (d/w/m)
• Back-End Developer for verinice. (d/w/m)
• Full-Stack Developer for verinice. (d/w/m)

The verinice.TEAM works distributed at the locations Berlin (Mitte) and Göttingen (headquarters of SerNet). Interested parties can apply for both locations. Details on tasks, requirements and benefits are included in the respective job description.

About verinice.

verinice is the only tool for information security management under open source license. It is in use in 4 German states and in more than 40 federal authorities, as well as in a large number of municipalities, public utilities and other public sector institutions, especially in critical infrastructures. For the industrial sector, verinice supports not only the IT Baseline Protection of the BSI but also the ISO 27001 and is used here by companies throughout Europe and also by the Council of the European Commission or European national banks.

Working at SerNet

You can find more information from SerNet about the working environment online, as well as further information about training, studying and women in STEM professions. Furthermore, you can read here how we deal with COVID-19 and working from home.

For questions about the positions or to apply (PDF format), please contact SerNet Managing Director Reinhild Jung at jobs@remove-this.sernet.de.

2020 has proven to be an exceptional and challenging year for all. Thanks to the unified effort of all colleagues, SerNet has been able to navigate well through the past months, which have been marked by Corona. So it is time to express our thanks: thanks to all colleagues who have been committed to working together, and thanks in particular to all our customers and business partners. Instead of showering everyone with appropriate thank-you cards at the end of the year, SerNet has donated to a social cause - the Tafel Göttingen e.V.

Managing Director Reinhild Jung: "As in the past, we refrain from sending Christmas cards for ecological reasons and prefer to donate the corresponding amount to a good cause." An important component of the daily work at SerNet is to maintain good and trusting relationships with all customers and business partners. That is why she is sure that this action is in everyone's interest. "We want to show our sense of responsibility and a pro-social commitment with our donation at the end of the year," says Jung.

SerNet colleagues were called upon to suggest a project close to their hearts. In the end, the Tafel Göttingen was drawn, and received 2,000 euros. In an open letter (read more: https://www.tafelgoettingen.org/offener-brief-an-die-politik-100emehr/), the organization had already pointed out in the spring that the Covid 19 pandemic was exacerbating the already difficult situation of those affected. The number of new registrations had already risen perceptibly at that time. "We are convinced that our donation is in good hands with Tafel Göttingen and can be put to good use," emphasizes SerNet managing director and founder Dr. Johannes Loxen.

The entire SerNet wishes a peaceful and, above all, healthy Christmas season with the prospect of a more enjoyable 2021.

verinice.XP is the conference for users of the OpenSource ISMS tool verinice. On February 24 and 25, 2021, it will take place for the first time in a new format as an online event. Tickets for the conference as well as for the preceding workshops on February 23 can be booked at verinicexp.org. Please consider that the conference language is German.

The organizing committee decided to switch to the new format due to the corona situation. Nadine Dreymann, who is responsible for verinice.XP at organizer SerNet, says: "Unfortunately, we have to do without in-person networking this time, but overall we see many advantages in a digital conference." Besides the obvious security factor, a virtual event opens up more flexible participation options. Speakers give their presentations live via zoom, so that participants can follow and engage in the conference from any location via the Internet. Dreymann: "Of course we will come up with ideas to make verinice.XP the usual high-quality and also buoyant experience".

Early-bird tickets for the online edition of verinice.XP 2021 are available at a price of 66 Euro. From December 12, 2020, the regular ticket will be available for 99 Euro.

The Call for Papers will run until December 11, 2020. Well-founded presentations and reference projects are still accepted for the agenda: IT security, data protection (EU-DSGVO) as well as KRITIS and industry standards will provide the participants with two days of information. Pioneering innovations in verinice will also have their place in the online program.

The workshops scheduled for the day before the conference (February 23) will also be held remotely. The topics are available for selection:

• Implementation of modernized IT baseline protection in verinice (workshop with Ulf Riechen, Riechen Consulting)
• Modernized IT baseline protection – the ultimate perspective (Workshop with Dirk Brand, Sila Consulting)

The costs for a workshop participation are 199 Euro. Further details on the contents can be found on the conference website at verinicexp.org.

For the ISMS tool verinice, the sector-specific standard B3S Krankenhaus (hospital) is now available. It supports hospitals in implementing requirements for the protection of their information infrastructure. Users can apply the standard in the IT baseline protection or in the ISM/ISO perspective. The standard is published by the German Hospital Federation. As additional content for verinice, it can be purchased via the verinice.SHOP or downloaded from the verinice.PRO repository. Please note: This B3S is only available in German.

Hospitals with more than 30,000 inpatient cases per year are considered "critical infrastructures". They are subject to special legal requirements to protect their information infrastructure. To support this, the German Hospital Federation has developed the industry-specific security standard for hospital healthcare (B3S Krankenhaus). The verinice.TEAM at SerNet has prepared this standard for verinice: For the perspective of the modernized IT baseline protection all requirements are listed as well as sector-specific threats, which can be modeled in verinice on the IT organizations. In addition, a model of a sample hospital is available, which contains sample structures and thus facilitates the introduction. For the ISM/ISO perspective, an example organization has been created, which contains all central contents of the security standard (for the exact contents see the store at https://shop.verinice.com/de/content/).

Michael Flürenbrock, verinice-Product-Owner: "We are convinced that the combination of verinice and the sector-specific standard is a great help for hospitals in securing their information infrastructure". In addition, a data protection module could be used and this sensitive area for hospitals could also be covered by verinice. SerNet managing director Reinhild Jung also points out that verinice is 100% open source and 100% "Made in Germany". SerNet GmbH is the publisher of verinice and pursues an open source strategy with completely disclosed source code. Jung: "This in particular is an important contribution to security management for critical infrastructures.

Ulf Riechen and Dirk Brand (Sila Consulting) were actively involved in the implementation of the B3S Krankenhaus for verinice. Both are long-standing verinice.PARTNERs and experts. The verinice.TEAM was able to create the now available additional content based on their work and would like to thank them explicitly for their commitment! The verinice partners are an important part of the verinice ecosystem. With their proven expertise, they advise customers, among others with specialization in the healthcare sector, and help to continuously develop verinice according to customer experiences and requirements.

About verinice: verinice is the only tool for the management of information security under OpenSource license. It is used in 4 federal states and in more than 40 federal authorities, as well as in a large number of municipalities, public utilities and other public institutions, especially for critical infrastructures. For the industrial sector, verinice supports the ISO 27001 in addition to theIT baseline protection of the BSI and is in use here at companies throughout Europe as well as at the Council of the European Commission and European National Banks. SerNet, as the publisher of verinice, also holds the trust seals "IT security made in Germany" and "IT security made in EU".