In the name of cybersecurity

Cyber-AZ was established in 2011. It is designed to optimize operational cooperation and coordinate protection and defence measures. Information on cyberattacks is compiled and evaluated on information infrastructures – this is carried out by each authority from its own perspective and within its own sphere of responsibility. The following authorities are currently represented in Cyber-AZ: the Federal Office for Information Security (BSI), the Federal Criminal Police Office (BKA), the Federal Police (BPol), the Federal Office for the Protection of the Constitution (BfV), the Foreign Intelligence Service (BND), the Federal Office for Military Counter-Intelligence (BAMAD), the Federal Office for Civil Protection and Disaster Assistance (BBK), the Customs Criminal Police Office (ZKA), the Federal Armed Forces (BW) and the Federal Financial Supervisory Authority (BaFin).

The BKA is the central office of the German police and has extended its scope of work in the national fight against crime to include cyberspace. It ensures national coordination, operational evaluation and strategic cooperation. It solves crimes in cyberspace, conducts investigations and works to prevent cybercrime. The BKA is also part of the Federal Ministry of the Interior.

BSI is the federal cybersecurity authority. BSI shapes information security in digitalization for the state, economy and society through prevention, detection and reaction. According to the federal government, this office’s expertise is recognized both at national and international level. Its work ranges from defence against cyberattacks to consulting services, developing security recommendations, best practices and standards, as well as certification. BSI also supports the federal administration with the ‘Computer Emergency Response Team Bund’ (CERT-Bund) and with the ‘Mobile Incident Response Team’ (MIRT). It also operates the ‘National IT Situation Centre’, which is in constant contact with the ‘Joint Reporting and Situation Centre of the Federal Government and the Federal States’. The clear focus of the Situation Centre and CERT is to respond immediately and specifically to incidents, to manage the situation and to restore technical security. BSI is part of the Federal Ministry of the Interior, Building and Community (BMI).

It is the task of the BfV to fend off and investigate cyberattacks on the state and private institutions. To this end, the office observes how extremists, terrorists or foreign intelligence services use new technical means to conduct espionage in Germany, spread political disinformation or sabotage computers. According to its own information, the BfV collects, for example, “information about efforts that are directed against the free democratic basic order or against the security of Germany or one of its federal states”. The BKA is also part of the Federal Ministry of the Interior.

The BND is Germany's foreign intelligence service and acts on behalf of the federal government. Abroad, it observes attacks that are intended to serve cyberespionage or sabotage in Germany and warns affected stakeholders at home so that defence mechanisms can be initiated. The BND is part of the Federal Chancellery.

ZITiS was founded in 2017 and, according to its own statements, sees itself as ‘Cyber Authority 4.0’. ZITiS is the central service provider for the German security authorities. It supports and advises the authorities in matters related to IT skills. To this end, ZITiS bundles technical know-how with cyber-related expertise, conducts central research on new technologies and develops methods and tools to support the authorities in investigation and reconnaissance. It also works on topics, such as digital forensics, telecommunications surveillance, cryptanalysis and big-data analysis, as well as crime prevention, hazard prevention and counter-espionage.

Where the BMI relies on ZITiS, the Federal Ministry of Defence has access to the Cyber Innovation Hub (CIH), the Cyber Defence Research Institute (CODE) at the University of the Federal Armed Forces, Bundesweite IT-Systemhaus GmbH (BWI) or the Federal Office for Equipment, Information Technology and Utilisation of the Federal Armed Forces (BAAINBw). The CIH offers a platform for linking the Federal Armed Forces and start-ups in order to research and develop innovative technologies for the Federal Armed Forces. CODE pursues the goal of implementing innovative technical innovations to protect data, software and systems for the Federal Armed Forces. Publicly owned BWI GmbH has comprehensively modernized the IT systems of the Federal Armed Forces. The current focus of this IT service provider includes the operation and modernization of non-military information and communication technologies of the Federal Armed Forces.

In 2018, the German government decided to establish the Agency for Innovation in Cybersecurity (Cyberagency) which is to be set up at Leipzig/Halle Airport by 2022. The agency's task will be to promote the development of innovative solutions in the field of cybersecurity. It also aims to help Germany to increase its own technological sovereignty in cybersecurity. One hundred IT specialists will work on security issues in the Federal Armed Forces and the police. The agency is jointly supervised by the Federal Ministry of Defence (BMVg) and the Federal Ministry of the Interior, Building and Community (BMI).

Founded in 2011, the Cyber-SR is the strategic advisor of the federal government. It organizes cooperation in cybersecurity both within the federal government as well as between the government and industry. According to the federal government, the Cyber-SR identifies long-term needs for action and trends and uses this to strengthen cybersecurity. It brings together representatives of the federal government, the federal states and industry and is supported by a scientific expert and advisory committee. The chairman of the Council is the Federal Government Commissioner for Information Technology (BfIT).

The establishment of the German Institute for Internet Security (DIIS) was already announced by the Federal Foreign Office (AA) back in 2016. This institute will focus on cybersecurity issues related to international stability and crisis prevention. In the 2018 coalition agreement, the establishment of the Agency for Innovation in Cybersecurity (ADIC) was decided. Under the leadership of the BMI and BMVg, this cyberagency is to ensure “technological innovation leadership” in the field of security-relevant key technologies.

Thirteen of Germany’s sixteen federal states have established cybercrime centres to combat and investigate cybercrime. The cybercrime centres are organized mainly in the police sector of the corresponding state criminal investigation offices or in the public prosecutor's offices.

The federal-state CERTs are the Computer Emergency Response Teams of the individual federal states. Within the framework of the Administrative CERT Network (VCV), the federal government and the federal states work together to set up and operate the federal-state CERTs. The federal-state CERTs cooperate with the CERT Alliance at BSI.

The Administrative CERT Network (VCV) is a platform where the CERT Group and the existing federal-state CERTs can exchange information. The aim of this network is to strengthen IT crisis prevention and response and to improve IT security in the public administration.

The Common Reporting and Situation Centre (GMLZ) is responsible for providing a uniform picture of the civil protection situation for the federal government, the federal states and the specialist authorities. To this end, it monitors and evaluates relevant events in Germany and abroad around the clock and reports on them in the daily situation report or in targeted situation reports.

The ITZBund is the IT service provider of the federal administration. It is part of the Federal Ministry of Finance and one of its tasks is to improve protection against cyberattacks. The ITZBund was founded in 2016 from three predecessor authorities: the Federal Office for Information Technology (BIT), the Federal Institute for IT Services (DLZ-IT BMVI) and the Centre for Information Processing and Information Technology (ZIVIT). The purpose of this move was to bundle the IT capacities of the federal government.