Improving the applicability of industry standards in the field of information security using linguistic concepts
This project aims to improve the comprehensibility and applicability of industry standards using ISO/IEC 27001 as an example. It is one of the most important standards in the field of information security. Due to the non-ambiguity and interpretability of the requirements, there is a risk of misunderstandings that make the implementation of the specifications more difficult. Linguistic concepts will be used to develop proposals for improvements in standardisation, application and ensuring comprehension.
Research focus
- Information security
- Risk management
- Conflict management
- Human factor in information security
Curriculum Vitae
- 2015: until today CycleSEC GmbH, Hamburg, Managing Director and Managing Consultant
- 2015: until today Teaching at the Wilhelm Büchner University of Applied Sciences Darmstadt: Author and tutor of the study units “Human Factor in Information Security” and “Fundamentals of Information and IT Security”.
- 2015: until today member of the working group “Requirements, Services and Guidelines for IT Security Systems” as the German standardisation committee for the ISO/IEC 27000 series of standards of the German Institute for Standardisation (DIN).
- 2009 – 2015: Freelance Senior Information Security Consultant
- 1996 – 2009: Officer career in the German Air Force, IT security officer for various services, most recently for the Air Force Command and the German Armed Forces ISAF mission in Afghanistan and Uzbekistan.
Publications
- Sebastian Klipper (2021). Conflict management for security professionals, 3rd revised edition. Wiesbaden: Springer Vieweg
- Sebastian Klipper (2020). Weird Sociotechnical Systems. HMD Praxis der Wirtschaftsinformatik. 57, S. 571-583
- Sebastian Klipper (2018). Improbably ignorant: one’s ignorance about potential attackers must not be expressed in probabilities. Business Informatics & Management. 03/18
- Sebastian Hess, Sebastian Klipper (2018). Cybersecurity: A topic also for supervisory boards. Der Aufsichtsrat. 09/2018, pp. 124-126
- Wolfgang Böhmer, Knut Haufe, Sebastian Klipper, Thomas Lohre, Rainer Rumpel, Bernhard C. Witt (2017). Operating and improving information security management systems (ISMS) with DIN EN ISO/IEC 27001. Berlin: Beuth
- Sebastian Klipper (2017). Risk matrices: common mistakes and how to avoid them. – Journal of Information Security. 01/17
- Sebastian Klipper (2016). The risk isoquant analysis. – Journal of Information Security. 05/16
- Sebastian Klipper (2015). Cyber security: an insight for economists. Wiesbaden: Springer Vieweg
- Sebastian Klipper (2015). Information security risk management, 2nd revised edition. Wiesbaden: Springer Vieweg
All publications at: https://cyclesec.com/ueber-uns/veroeffentlichungen/
Presentations
- ZKI Spring Conference 2018, Homo Carens Securitate. Man suffering the lack of security: From Homo Oeconomicus to Weird Sociotechnical System
- I.S.P. Community Meeting 2018. Finding the right words – Linguistic concepts to increase security awareness
- TakeAware 2018. why are security experts so hard to hear? Linguistic concepts to increase the transmediality of language use in IT security
- Research Day IT Security NRW 2017. Homo Carens Securitate. The human being who suffers the lack of security: From Homo Oeconomicus to the Weird Human
- I.S.P. Community Meeting 2016. Errors in Risk Management
- Softwareforen Leipzig 2016. risk isoquant analysis (RIA)
- Softwareforen Leipzig 2015. Risk Assessment as part of the ISO/IEC 27000 series of standards
- DuD – Data Protection and Data Security 2015. Risk Management
- All presentations at: https://cyclesec.com/cyclesec-live/
Website
https://cyclesec.com/