DeepSec 2025 Press Release: High threat level for IT security research. IT security is under attack from politics and hostility towards science.
Information technology is an integral part of computer science and therefore also of mathematics. Since 2007, the DeepSec conference in Vienna has brought together international researchers to discuss current threats, publish acute vulnerabilities and exchange knowledge on the defence of critical infrastructure. The increasing hostility towards science and the dismantling of US authorities that contribute to IT security are jeopardising the work and, therefore, also the results of the research groups. One consequence is a higher threat level for European companies. The DeepSec conference aims to counter this as a platform.
Networks and data in the crosshairs
Data may not be crude oil, but it is the driving force behind modern information technology. Digitalisation has made data via networks and services indispensable in many companies. Very few people today can go about their working day without the Internet or computerised operation. Data is therefore involved in all attacks.
Because of the war in Ukraine, the failure of the USA as an allied state in the fight against digital crime and the associated threat to the European economy, there is an urgent need for action. The most critical point is the reduction of dependencies, as Europe is still on a ‘drip feed’ from non-European technology companies that can raise prices, discontinue products or intercept data at any time. It is important to scrutinise supply chains and the intentions of digital service providers.
Open source, free software or the many ‘community’ projects are a well-tested approach, but even there is a strong dependence on public funding or support from donations from companies or individuals. The ‘Heartbleed’ defect in the globally used OpenSSL library for cryptography serves as an example here. Publication in 2014 secured more support for the OpenSSL project, leading to improvements in the library. There is a lot more code that also represents the basic building block for a neutral information security infrastructure. IT security researchers have been pointing this out for decades. Now there is an acute need for action.
Forbidden knowledge is in demand
This year’s call for papers for the DeepSec and DeepINTEL conferences taking place in November 2025 has the motto ‘Forbidden Lore’. The motto is based on the impossibility of information exchange in science and research in information technologies regarding security gaps. The barrier here is the lists of certain words and terms published by the current US government. These specifications make dealing correctly and methodically with application defects and infrastructure deficits impossible. As a result, there are far-reaching negative consequences that also affect European IT security research. DeepSec is a neutral platform to mediate between hackers, researchers, authorities, and companies in this area.
Critical infrastructure is often also digital
Digitalisation projects are usually desirable. However, incorrect implementation of some of these projects can pose a risk to citizens’ data. Large technology companies and financially strong start-ups are certainly involved here. This is a direct threat to IT security and data protection if the focus is on analysing data for purposes unrelated to the project. Espionage and misuse of data is the keyword here. The DeepINTEL Security Intelligence Conference has discussed several documented cases in recent years. Not all of them have to do with geopolitical events. The conference programme will also include two-day workshops that provide in-depth knowledge of all facets of IT security. All those who work with critical infrastructure and critical systems are particularly encouraged to attend.
Programme and booking
The DeepSec 2025 conference days are on 20 and 21 November. The DeepSec training sessions will take place on the two preceding days, 18 and 19 November. All trainings (except for announced exceptions) and lectures are intended as face-to-face events, but can be held partially or completely virtually if necessary. For registered participants, there will be a stream of the presentations on our internet platform.
The DeepINTEL Security Intelligence Conference will take place on 19 November. As this is a closed event, please send direct enquiries about the programme to our contact addresses. We provide strong end-to-end encryption for communication: https://deepsec.net/contact.html
Tickets for the DeepSec conference and training sessions can be ordered online at any time via the link https://deepsec.net/register.html. Discount codes from sponsors are available. If you are interested, please contact deepsec@deepsec.net. Please note that we depend on timely ticket orders because of planning security.