At SafeSec Day 2025, Thomas Eder (TÜV TRUST IT, TÜV AUSTRIA GmbH) highlighted just how dangerous security gaps within the supply chain can be. Cyber Third‑Party Risk Management (TPRM) is no longer a niche concern for the IT department alone — it affects the security of entire infrastructures.
Thomas Eder illustrated this with striking examples: a hacker attack on a Norwegian dam, a faulty software update with global repercussions, an IT provider who infected 34 clients with ransomware in one blow. The message was unmistakable: anyone who outsources services must also assume responsibility — structurally, contractually, and technically.
The look ahead was particularly compelling: AI agents capable of autonomously conducting security assessments, generating requirements, and analyzing supplier responses. A multi‑layered system that promises not only greater efficiency but also a new level of security. Because in a world where trust and safety are increasingly negotiated in digital spaces, intelligent tools — and a clear understanding of the risks behind every interface — are indispensable.
SafeSec Day 2025
On 9 October 2025, TÜV AUSTRIA Akademie and msg Plaut Austria GmbH brought together leading experts and industry professionals for SafeSec Day in Brunn am Gebirge, Austria. The event offered deep insights into current developments in safety and security within an increasingly interconnected and AI‑driven world.
The program delivered a rich spectrum of perspectives:
Michael Schmid (MIT, Forify Intelligence) explored the secure integration of AI into critical systems. Thomas Eder (TÜV TRUST IT, TÜV AUSTRIA GmbH) demonstrated how AI can support Cyber Third‑Party Risk Management — and why this is a matter of safety as much as security. Carola Berger (Frequentis AG) shared practical cybersecurity best practices for safety‑critical projects. Robert Bauer‑Wukitsevits (msg Plaut Austria GmbH) explained how model‑based systems engineering (MBSE) can reduce the complexity of requirements.
In the workshops, participants were able to deepen their knowledge: Alongside Markus Benedikt’s LemonTree workshop, Andreas Gruber (TRUSTIFAI GmbH) demonstrated how AI can act as an attacker — and what protective measures are necessary to defend against AI‑supported security threats.