#46: Franz-Josef Schuermann: TARA & Threat Modeling Stories

We sat down with the Chairman of the Board at itemis inc. and the world-renowned TARA expert to discuss innovations in Threat Analysis, automotive cybersecurity trends, and much more.

About Franz-Josef Schuermann

Franz-Josef Schuermann (FJ) joined itemis AG in 2021 as a member of the board, and he is also the chairman of the board at itemis Inc. Before joining itemis AG, he was a group board member at The Adecco Group (CEO – DACH and Group Chief Sales & Innovation Officer) and led Infosys Ltd. in Germany for five years as CEO. As Global Partner at Accenture, he supported Fortune 100 and DAX 30 companies in their largest transformation initiatives. Throughout his career, FJ has been involved in more than ten innovative technology-based start-ups. He has over 20 years of experience in the technology space as well as in CEO and board member roles. He has been a frequent speaker at globally leading universities and events.

Summary of the Conversation with Franz-Josef Schuermann

Franz-Josef Schuermann (FJ), a member of the board at itemis AG and Chairman of the board at itemis Inc., joins the show to discuss his extensive experience in technology and cybersecurity. Before joining itemis, FJ held prominent roles at The Adecco Group, Infosys Ltd., and Accenture. He has been involved in over 10 innovative technology-based startups and is a frequent speaker at global universities and events.

Introduction

  • Career Overview: FJ has over 20 years of experience in technology, including roles as CEO and board member at various organizations.
  • Current Role: At itemis, FJ focuses on enhancing cybersecurity and technology integration.

Key Insights and Highlights

  • Interest in Cybersecurity: FJ’s interest in cybersecurity stems from the increasing connectivity of products and the associated vulnerabilities that need to be managed to ensure safety and security.
  • Technology’s Impact: The importance of cybersecurity in technology, particularly in areas where vulnerabilities can have life-threatening consequences, such as in automotive and medical devices.

Challenges and Approaches

  • Dynamic Risk Management:
    • Example of Tesla: Tesla’s frequent over-the-air updates demonstrate the need for dynamic risk management. The automotive industry must adapt to continuous changes in software and hardware.
    • Regulatory Challenges: Regulatory frameworks often struggle to keep pace with technological advancements, creating challenges for companies trying to innovate while ensuring compliance.
  • Three Major Trends:
    1. Innovation vs. Regulation: The pace of innovation often outstrips the ability of regulators to keep up, posing challenges for marketability and global consistency.
    2. Regulatory Knowledge Gaps: Regulators may struggle to understand and adapt to new technologies, such as AI and advanced data usage.
    3. Scaling Innovations: The discrepancy between initial innovation and large-scale implementation, particularly in the automotive industry.

Specific Insights on Automotive and Medical Device Security

  • Simplified Architectures: Some companies, like BYD and Tesla, simplify their architectures to enhance cybersecurity and reduce production costs, contrasting with traditional manufacturers with more complex systems.
  • Model-Based Development: The trend towards model-based software development to reduce complexity and improve security.
  • Hardware Trends: The integration of cybersecurity features into hardware and the move towards AI at the edge to improve efficiency and reduce costs.

Regulatory and Market Trends

  • SBOMs and Traceability: The need for dynamic software bills of materials (SBOMs) and traceability throughout the development cycle to manage vulnerabilities effectively.
  • Collaboration and Best Practices: The importance of collaboration within the industry to adopt best practices and address the rapidly changing landscape of cybersecurity.

Personal and Professional Reflections

  • Memorable Experiences:
    • Tool Development for OEMs: FJ is proud of itemis’s role in providing software tools for major OEMs, influencing the production of future vehicles.
    • CRM System for Deutsche Bahn: Successfully delivering a highly resilient customer relationship management system for Deutsche Bahn.
    • Partnership with Hella: Collaborating on system engineering projects for advanced automotive technologies.

Conclusion

FJ emphasizes the importance of staying agile, adopting best practices, and collaborating across the industry to manage the complexities and rapid changes in cybersecurity. His experiences and insights highlight the critical role of innovation, regulatory compliance, and effective risk management in shaping the future of technology and cybersecurity.

Final Thoughts

  • Long-Term Impact: FJ and his team at itemis are committed to continuing their long-term impact on technology and cybersecurity.
  • Partnership with Cybellum: Both itemis and Cybellum are excited about their collaboration and the potential for continued innovation and success in 2024 and beyond.