Austria (AU)

Current status: National Cyber Security Strategy

The Austrian Cyber Security Strategy /ACSS (Österreichische Strategie für Cyber Sicherheit / ÖSCS) (2013) is a comprehensive and proactive concept for protecting cyber space and the people in virtual space while guaranteeing human rights. It enhances the security and resilience of Austrian infrastructures and services in cyber space. Most importantly, it  builds awareness and confidence in the Austrian society.

The strategy identifies 7 fields of action & measures: 

  • Field of action 1 – structures and processes
  • Field of action 2 - governance
  • Field of action 3 - cooperation between the government, economy and society
  • Field of action 4 – protection of critical infrastructures
  • Field of action 5 – awareness raising and training
  • Field of action 6 – research and development
  • Field of action 7 – international cooperation 

National Cyber Security Strategy

Year of adoption 2013
Updates and revisions  
Implementation and monitoring The implementation of measures of the ACSS are coordinated by the Cyber Security Steering Group.  Based on the ACSS, the competent ministries develop sub-strategies for their sphere of responsibilities. The ministries represented in the Cyber Security Steering Group submit an Implementation Report to the federal government every two years. 

Main measures  related to businesses


Risk assessment plan

Austria’s Cyber Crisis Management consists of representatives of the state and of operators of critical infrastructures. As far as its composition and work procedures are concerned, it is modelled on the Governmental Crisis and Civil Protection Management (Krisen- und Katastrophenmanagement/SKKM).

Crisis management and continuity plans are prepared and updated regularly on the basis of risk analyses for sector-specific and cross-sectoral cyber threats in cooperation with public institutions and the operators of critical infrastructures.

Progress measures



Current status: NIS Directive and national CERTs/CSIRTs

Computer security 

GovCERT (operated by the Federal Chancellery as the government’s CERT) has detailed responsibilities, powers and spheres of action, an institutional embedding within the public administration, and a clear role in the event of crisis as well as its interaction with the Operational Coordination Structure.

To facilitate operational international cooperation in this area it is supported by the Cyber Crime Competence Center (C 4) of the Federal Ministry of the Interior. 

Best practices:

The Austrian CERT Association is being  consolidated and strengthened to facilitate national cooperation among Austrian CERTs. The goal is to help promote the establishment of CERTs in all sectors on the one hand and to intensify the exchange of information and experience on CERT-specific issues on the other hand.

Monitoring system

As a basis of operational capabilities for the prevention of cyber attacks, MilCERT (set up within the Federal Ministry of Defence and Sports) is commissioned to protect networks and to further develop the Cyber Security Survey.

Report an incident  
Languages German
Date inserted September 2016


Contact us for more info