Germany (DE)

Current status:

The National Cyber Security Strategy was officially adopted in February 2011. The strategy is based upon 10 main objectives:

OB 1 Protection of critical information infrastructures
OB 2 Secure IT systems in Germany
OB 3 Strengthening IT security in the public administration
OB 4 National Cyber Response Centre
OB 5 National Cyber Security Council
OB 6 Effective crime control also in cyberspace
OB 7 Effective coordinated action to ensure cyber security in Europe and worldwide
OB 8 Use of reliable and trustworthy information technology
OB 9 Personnel development in federal authorities
OB 10Tools to respond to cyber attacks

The National Strategy also set up two federal cyber security entities:

  • a National Cyber Response Centre which cooperates with the Federal Office for the Protection of the Constitution and the Federal Office of Civil Protection and Disaster Assistance, as well as federal police, intelligence, and customs agencies. Its main aim is to analyze cybersecurity incidents and provide recommendations for action to a newly established National Cyber Security Council on a regular basis and in response to specific incidents.
  • a National Cyber Security Council responsible for implementation of the government’s cybersecurity strategy. The council will include representatives from the Federal Chancellery, Federal Foreign Office, a number of key ministries, including interior, defense, economics and technology, justice, finance, and education and research, as well as from the state governments.

 

National Cyber Security Strategy

Year of adoption The National Cyber Security Strategy was officially adopted in February 2011.
Updates and revisions No updates or revision by now.
Implementation and monitoring

One of the key provisions in the amendment of 2009 (“Act to Strengthen the Security of Federal Information Technology”) established the BSI as the central authority responsible for ensuring the security of the federal government’s information technology. When the law went into effect on 20 August 2009, the BSI became the central notification point for federal agencies on matters of IT security. Since then it collects information on security vulnerabilities and new attack methods that threaten the security of information technology, analyses them and issues situation reports.

Because of the potential for threats to spread rapidly from conventional IT systems to industrial systems, the 2015 amendment ( “Act to Increase the Security of Information Technology Systems”) placed particular emphasis on strengthening IT security for operators of critical infrastructures. Because they are equally indispensable for the common good and ever more dependent on IT, in future they are to maintain a minimum level of IT security and report IT security incidents to the BSI. For its part, the BSI collects all information relevant to defence against attacks on the IT security of critical infrastructures. This information is evaluated and referred to the operators and to the competent (supervisory)
authorities.
As a result of the law that went into effect on 25 July 2015, the BSI will assume for the operators of critical infrastruc
tures the same role it assumed in 2009 for federal agencies.

The 2011 National Cyber Security Strategy has been implemented by the Minister of Interior.

Legal capacities

In July 2015 Germany passed the IT Security Act affecting institutions listed as critical infrastructure (transpotation, health, water utilities,finance and insurance, telecommunications).
The law addresses the NIS directive which requires minimum IT security requirements and a reporting scheme for security incidents.

Germany has enacted specific legislation and regulation on cyber security through the following:

-Electronic Signature Act 2001(German language)
-Act on the Federal Office for Information Security 2009 (German language)
-Federal Data Protection Act 2009 (German language)
-Act to Strengthen the Security of Federal Information Technology 2009 (German language)
-Cyber Security Strategy for Germany (English language)
-Freedom of Information Act 2013 (German language)
-IT Security Act (English language)

Operational capacities

A National Cyber Response Centre has been set up in 2011. Members of this centre are different authorities such as The Federal Criminal Police Office (BKA), the Federal Police (BPOL), the Customs Criminological Office (ZKA), the Federal Intelligence Service (BND), the Bundeswehr and authorities supervising critical infrastructure operators.
The centre aims at optimizing the cooperation between others incident response team and national authorities.
The centre will report to the Federal Office for Information Security (BSI) and cooperate directly with the Federal Office for the Protection of the Constitution (BfV) and the Federal Office of Civil Protection and Disaster Assistance (BBK).

Public-private partnership

UP KRITIS is a public-private collaborative initiative between critical infrastructure operators, their professional associations and the relevant government agencies. The aim of this cooperation is to maintain the supply of critical infrastructure services in Germany.

 

Current status: NIS Directive and national CERTs/CSIRTs

Computer security incident
response teams (CSIRTs)

CERT-BUND is the national accredited CERT for Germany. It provides information on risks and threats relating to the use of information technology and seeks out appropriate solutions. This work includes IT security testing and assessment of IT systems, including their development, in co-operation with industry.

CERT NRW (Computer Emergency Response Team Nordrhein-Westfalen) has been commissioned as a focal point for preventive and reactive measures related to security and availability incidents in IT systems by the Interior Ministry of North Rhine-Westphalia. It serves as an information interface between the authorities and institutions of the state administration, the technical expertise of IT.NRW and other German CERTs, in particular the federal and state governments as well as companies.

CERT-RLP depends organizationally to the highest authorities of the Rhineland-Palatinate state administration. Technically, this involves basically the appropriate subset of directly connected to the operated by the LDI nationwide RLP network organizational units.

CERTBw is responsible as the central service in the framework of the Cyber ​​Defence for monitoring, maintaining and restoring the IT security in the Bundeswehr.

Bayern-CERT is primarily aimed at the authorities connected to the Bavarian Authority Network. It includes regular preventive security checks of central components (for example, penetration testing) as well as the advice of the security team and the Commissioner for IT security to the daily tasks of the Bayern-CERT.

Siemens-CERT is the central team for responding to potential security incidents and vulnerabilities related to Siemens products, solutions and services.

S-CERT is the computer emergency response team of the German Sparkassen-Finanzgruppe (Savings Banks Financial Group).

Deutsche Bank Cyber Threat Response Team

CSIRT-ECB (Computer Security Incident Response Team - European Central Bank)

ComCERT  is the Computer Emergency Response Team for Commerzbank network and clients

RUS-CERT (Stuttgart University's Computer Emergency Response Team ) is responsible for the computer and network security in the Stuttgart University's IT infrastructure

KIT-CERT is the Computer Emergency Response Team for Karlsruhe Institute of Technology

DFN-CERT is the Computer Emergency Response Team of the German research network (DFN)

Crytek CSIRT

Best practices:

 

Monitoring system

The National Cyber Security Strategy states that “Federal Government will regularly review whether the aims of the Cyber Security Strategy have been achieved under the overall control of the National Cyber Security Council and will adapt the strategies and measures to the given requirements and framework conditions.”

Report an incident

CERT-BUND Team Email - Main Phone +49 228 99 9582-222

CERTBw Team Email - Main Phone +49 2251 953 3110 - Emergency Phone +49 2251 953 3105

Siemens-CERT Team Email and Public PGP key

S-CERT Team Email - Main Phone +49 228 4495 432 - Fax +49 228 4495 431 - Public PGP Key

Deutsche Bank Cyber Threat Response Team - Team Email  - Main Phone +49 69 910 60465 - Public PGP Key

CSIRT-ECB - Team Email - Main Phone +49-6913446226 - Emergency Phone +49-1706324594 - Public PGP Key

ComCERT - Team Email - Main Phone +49-69-136-42873 - Emergency Phone +49-1706324594 - Public PGP Key

RUS-CERT - Team Email - Main Phone +49 711 685 1 2378 - Fax +49 711 685 8 3688 - Public PGP Key

KIT-CERT - Team Email - Main Phone +49 721 608-45678  - Fax +49 721 608-9-45678  - Public PGP Key

DFN-CERT - Team Email - Main Phone +49 40 808 077-590 - Public PGP Key

Languages Deutsch, English
Date of last WISER analysis October 2016

 

Contact us for more info