Current status: National Cyber Security Strategy
The Austrian Cyber Security Strategy /ACSS (Österreichische Strategie für Cyber Sicherheit / ÖSCS) (2013) is a comprehensive and proactive concept for protecting cyber space and the people in virtual space while guaranteeing human rights. It enhances the security and resilience of Austrian infrastructures and services in cyber space. Most importantly, it builds awareness and confidence in the Austrian society.
The strategy identifies 7 fields of action & measures:
- Field of action 1 – structures and processes
- Field of action 2 - governance
- Field of action 3 - cooperation between the government, economy and society
- Field of action 4 – protection of critical infrastructures
- Field of action 5 – awareness raising and training
- Field of action 6 – research and development
- Field of action 7 – international cooperation
National Cyber Security Strategy
|Year of adoption||2013|
|Updates and revisions|
|Implementation and monitoring||The implementation of measures of the ACSS are coordinated by the Cyber Security Steering Group. Based on the ACSS, the competent ministries develop sub-strategies for their sphere of responsibilities. The ministries represented in the Cyber Security Steering Group submit an Implementation Report to the federal government every two years.|
Main measures related to businesses
|Risk assessment plan||
Austria’s Cyber Crisis Management consists of representatives of the state and of operators of critical infrastructures. As far as its composition and work procedures are concerned, it is modelled on the Governmental Crisis and Civil Protection Management (Krisen- und Katastrophenmanagement/SKKM).
Crisis management and continuity plans are prepared and updated regularly on the basis of risk analyses for sector-specific and cross-sectoral cyber threats in cooperation with public institutions and the operators of critical infrastructures.
Current status: NIS Directive and national CERTs/CSIRTs
GovCERT (operated by the Federal Chancellery as the government’s CERT) has detailed responsibilities, powers and spheres of action, an institutional embedding within the public administration, and a clear role in the event of crisis as well as its interaction with the Operational Coordination Structure.
To facilitate operational international cooperation in this area it is supported by the Cyber Crime Competence Center (C 4) of the Federal Ministry of the Interior.
The Austrian CERT Association is being consolidated and CERT.at strengthened to facilitate national cooperation among Austrian CERTs. The goal is to help promote the establishment of CERTs in all sectors on the one hand and to intensify the exchange of information and experience on CERT-specific issues on the other hand.
As a basis of operational capabilities for the prevention of cyber attacks, MilCERT (set up within the Federal Ministry of Defence and Sports) is commissioned to protect networks and to further develop the Cyber Security Survey.
|Report an incident|
|Date inserted||September 2016|