The German cyberstrategy defines education in its broadest definition as part of its Action Area 1: Remaining safe and autonomous in a digital environment - Promoting digital literacy among all users. 

It underscores the fundamental importance of responsible behaviour in cyberspace and awareness of the opportunities and specific risks when using IT systems as an integral part of digital literacy. Thereby it mandates:

• Integrating digital education firmly in the educational system, from school and the dual system of vocational education and training, to university, continuing professional training and general adult education. 
• Giving federal states the primary responsibility for schools and universities. The end target is ensuring that by the time young people finish school, they all have the basic technical understanding and fundamental skills to use information and communications technology safely. 
• Tasking the Federal Government with aligning the dual system of vocational education and training more closely with the needs of digital society, amending training regulations accordingly. 
• Ensuring that vocational training centres for multiple employers offer high-quality continuing training in this area as they are being equipped for the digital age with necessary investment in equipment having a high funding priority. The Federal Government will also work with trade and labour unions as well as employers to create more flexible and individual digital continuing training.

The Federal Government has the mandate to expand course offerings in cybersecurity by establishing additional university chairs and supporting leading institutions in the field of STEM education, in particular in computer science, for example with regard to big data analyses, industrial software and IT security. In the process, the Federal Government will also support greater cooperation with private industry, for example in the form of foundations and externally funded teaching and research posts.

Advancing IT security research:

The Federal Government is expanding its research framework programme on IT security, Selbstbestimmt und sicher in der digitalen Welt 2015–2020 (Independent and safe in the digital world 2015–2020), closely linking it to other measures of the Cyber Security Strategy. Research on innovative IT security solutions such as Industry 4.0, medical technology and Mobility 4.0. See, for example, the Cybersecurity Training Lab established by Fraunhofer and a select group of universities. 

A major measure is further strengthening centres of excellence for IT security research through centres that focus on current research topics, provide estimates and assessments for policymakers and develop concrete solutions. Examples cited in the strategy include:

• ATHENE (formerly CRISP) became a National Research Center for Applied Cybersecurity in 2019.

• CISPA, the Helmholtz Centre for Information Security, is a German national big science institution within the Helmholtz Association.

• KIT-KASTEL, Karlsruhe Institute of Technology is a university-based competence centre.

Moreover, the results of government-funded projects to be applied and marketed in products and processes as quickly as possible. In the area of military applications of IT and cyber security, this is the task of the cyber cluster at the Bundeswehr University in Munich, with its Cyber Defence and Smart Data (CODE) research centre. 

The commercial application and further development by businesses and start-ups of innovative ideas in the field of IT security should be an explicit goal of government investment to bring about the greatest possible economic benefit. Active technology scouting can help discover, introduce and further refine the latest technologies. Private venture capital investors can also play an important role in this regard.

• Mannheim University of Applied Sciences – Bachelor Degree in Cyber Security. Year established: 2018. Student intake: 45. European Credit Transfer System (ECTS): 210. Focus: System security, network security, component security, SW security; internships.
• University of Bonn - Bachelor Degree in Cyber Security. European Credit Transfer System (ECTS): 180. 
• University of Passau – Master in Computer Science. European Credit Transfer System (ECTS): 120. Focus: System security, network security, component security, SW security
• IUBH University of Applied Sciences - Master Degree: Computer Science in Cyber Security. 
• SRH Berlin University of Applied Sciences - Master in Cyber Security. European Credit Transfer System (ECTS): 180-210, depending on course options. Focus:  Implementing security systems and measures in different business environments, blockchain, DevSecOps, information security, security technologies, IT security management, data analysis. Business processes and legal challenges of data protection. 
• Brandenburg University of Technology: Master in Cyber Security. Focus: Principles and methods of cybersecurity and practical knowledge of their applications. Design, implementation and management of cybersecurity concepts for the protection of IT systems and critical infrastructures.
• Academic Institute: Master in Cyber Psychology of Online Communication Student Intake: 50. European Credit Transfer System (ECTS): 90. 

BSI - Federal Office for Information Security

Cyber-Sicherheitsrat Deutschland e.V. - Hubs on health, energy, start-ups and artificial intelligence

TeleTrust IT Security Association

bwcon: Baden-Württemberg: Connected e.V. Network of research institutes and industrial clusters

Center Digitisation.Bavaria (Zentrum Digitalisierung.Bayern / ZD.B) supporting the digital transformation of Bavarian industries and society with 1361 members from SMEs, research, large companies and other ecosystem players

Bayern Innovativ - Cybersecurity

Cool Silicon - start-ups

InnoZent OWL e.V., technology network for sustainable corporate development through re-search, co-operation and innovation

The CYBERWISER.eu CyPR is all about boosting opportunities in the cybersecurity marketplace. 

This European Cybersecurity Professional Register is the place where professionals, juniors or seniors, age can promote their specific skill sets and experiences in cybersecurity, courses taken and qualifications.

Organisations of any size or sector from SMEs to large companies and public institutions can find and contact the right skills and experiences they need to improve their IT security posture.

January 2021

The information contained here is based on desk research carried out by CYBERWISER.eu, including the ENISA interactive maps on national strategies and educational courses. 

CERT-BUND is the national accredited CERT for Germany. It provides information on risks and threats relating to the use of information technology and seeks out appropriate solutions. This work includes IT security testing and assessment of IT systems, including their development, in co-operation with industry.

• Team Email: certbund@bsi.bund.de
• Telephone: +49 228 99 9582-222

CERT NRW (Computer Emergency Response Team Nordrhein-Westfalen) has been commissioned as a focal point for preventive and reactive measures related to security and availability incidents in IT systems by the Interior Ministry of North Rhine-Westphalia. It serves as an information interface between the authorities and institutions of the state administration, the technical expertise of IT.NRW and other German CERTs, in particular the federal and state governments as well as companies.

• Team Email: cert@it.nrw.de
• Telephone: 0211 9449-2124

CERT-RLP depends organizationally to the highest authorities of the Rhineland-Palatinate state administration. Technically, this involves basically the appropriate subset of directly connected to the operated by the LDI nationwide RLP network organizational units.

• Reporting Form: https://cert.rlp.de/de/ueber-cert-rlp/kontakt/

CERTBw is responsible as the central service in the framework of the Cyber ​​Defence for monitoring, maintaining and restoring the IT security in the Bundeswehr.

• Team Email: certbw@bundeswehr.org
• Telephone: +49 2251 953 3110
• Emergency Phone: +49 2251 953 3105

Bayern-CERT is primarily aimed at the authorities connected to the Bavarian Authority Network. It includes regular preventive security checks of central components (for example, penetration testing) as well as the advice of the security team and the Commissioner for IT security to the daily tasks of the Bayern-CERT.
Team Email: cert@bayern.de
Telephone: 089/7624-1777

Siemens-CERT is the central team for responding to potential security incidents and vulnerabilities related to Siemens products, solutions and services.

• Team Email: productcert@siemens.com
• Public PGP key

S-CERT is the computer emergency response team of the German Sparkassen-Finanzgruppe (Savings Banks Financial Group).

• Team Email: S-CERT@S-CERT.de
• Telephone: +49 228 4495 432
• Fax: +49 228 4495 431
• Public PGP Key

Deutsche Bank Cyber Threat Response Team

• Team Email: Security@db.com 
• Telephone: +49 69 910 60465
• Public PGP Key

CSIRT-ECB (Computer Security Incident Response Team - European Central Bank)

• Team Email: csirt@ecb.europa.eu
• Telephone: +49-6913446226
• Emergency Phone: +49-1706324594
• Public PGP Key

ComCERT  is the Computer Emergency Response Team for Commerzbank network and clients

• Team Email: comcert@commerzbank.com
• Telephone: +49-69-136-42873
• Emergency Phone: +49-1706324594
• Public PGP Key

RUS-CERT (Stuttgart University's Computer Emergency Response Team ) is responsible for the computer and network security in the Stuttgart University's IT infrastructure

• Team Email: cert@uni-stuttgart.de
• Telephone: +49 711 685 1 2378
• Fax: +49 711 685 8 3688
• Public PGP Key

KIT-CERT is the Computer Emergency Response Team for Karlsruhe Institute of Technology

• Team Email: cert@kit.edu
• Telephone: +49 721 608-45678 
• Fax: +49 721 608-9-45678 
• Public PGP Key

DFN-CERT is the Computer Emergency Response Team of the German research network (DFN)

• Team Email: cert@dfn-cert.de
• Telephone: +49 40 808 077-590
• Public PGP Key

The National Cyber Security Strategy states that “Federal Government will regularly review whether the aims of the Cyber Security Strategy have been achieved under the overall control of the National Cyber Security Council and will adapt the strategies and measures to the given requirements and framework conditions.”

The Bundesamt für Verfassungsschutz (BfV), the domestic intelligence service of the Federal Republic of Germany, publishes annual cyber threat reports. The 2016 report stated that Russia and China are the leading sources of cyber attacks on Germany.

January 2021

The information contained here is the result of desk research carried out by CYBERWISER.eu.