The IWIS team visited one of Europe’s largest IT security events in Nuremberg it-sa: HOME OF IT SECURITY: Trends & innovations in the IT security sector. The conference brought together over 28,000 visitors from 64 countries and nearly 1,000 exhibitors who showcased vital solutions for protecting data, networks, and infrastructure.

At the heart of the discussions was the integration of artificial intelligence into security processes and its potential to automate monitoring. However, participants also addressed the risks associated with generative content and data manipulation. Key topics included Cloud & Mobile Security, Data Protection, Industrial Security, Critical Infrastructure Protection, and Attack Surface Management.

Significant attention was devoted to Zero Trust Architecture as the new corporate protection standard, and to Security by Design – the concept of embedding security into products from the earliest development stages. The event also highlighted the participation of ENISA, ECSO, and national regulators in joint initiatives to enhance Europe’s cyber resilience.

What was discussed – and what did we take away?

The European Product Market vs. Ukraine’s Service Focus
In Europe, most IT companies are product-oriented: they develop ready-made solutions, undergo certification and audits, and integrate security at the architectural level. European clients expect security by default, not as an add-on service.
In contrast, Ukraine’s IT model is service-driven: we dive deep into the client’s business specifics, define requirements, and build tailored solutions. Yet this flexibility comes at a cost — less time and resources for systemic security, standardization, and preventive measures.
While Europe builds trust through standards, Ukraine builds it through agility and speed. The future advantage may lie in combining both approaches — product maturity and service adaptability.

Human is Still a King, AI is the Shield
One of the discussed cases involved Deloitte, where the use of generative AI to produce an official report worth $440,000 led to critical errors and reputational damage. The document included fabricated scientific references, false footnotes, and even a made-up quote from a federal judge. The conclusion was clear: AI must remain under human expert supervision.

Preventive over Reactive
Behavioral analytics, anomaly detection, and pre-attack monitoring are now the norm. Investigating breaches after they occur is too costly — both financially and reputationally.
This year’s it-sa Expo once again proved that cybersecurity in Europe is evolving from a technical field into a strategic one, becoming an integral part of business culture, product design, and user trust.

A Note on Cyber Awareness
According to Cybersicherheitsmonitor (BSI/ProPK), 54% of German citizens are at least occasionally interested in cybersecurity issues, while 25% never engage with them. In comparison, IREX VIBE-2024 reports that 42% of Ukrainians actively use personal cybersecurity tools, and around 65% acknowledge being aware of cyber risks.
Thus, despite differences in resources and approaches, Ukrainians are rapidly reaching Germany’s level of cyber awareness – indicating that the culture of cybersecurity in Ukraine is developing faster than expected.
Today, Ukrainian IT companies face different urgent challenges, but we are simultaneously gaining valuable expertise in cybersecurity – experience that will soon allow us to present homegrown solutions confidently on international stages.