We look at methods, concepts and tools at different levels of abstraction. Starting with the problem of securing information systems as a whole, we then focus on studying the threat landscape and individual building blocks from the arsenal of defence (anti-virus, security information and event management (SIEM) systems, security aspects of mobile plattforms) and attackers (penetration testing, exploitation, attacks on mobile plattforms).