www.bmi.bund.de

International Cyber Warfare and Security Conference

Cyber Defence

Germany's Analysis of Global Threats

19th November 2013,

Ankara

www.bmi.bund.de

Motivation for the new german cyber security strategy: Changed Security Situation

2

Cyber SecurityCrime

Underground Economy

Hacker, Cracker

CompetitionEspionage

Military

Intelligence

Services

Interconnection

Complexity of IT

Systems

Short Innovation

Cycles

Convergency of Networks

IP

Busisness Processes on the

Internet

www.bmi.bund.de

Industry

Fed. Gov.

Local Authorities

Shared ResponsibilityJoined Action

3

Citizens

Fed. States

Operators of CII

www.bmi.bund.de

Framework ConditionsIssues and Action Lines

Cyberspace Security

Resilience of Infrastructure

Integrity and Availability (failure safety) of Systems and Data

Security in Cyberspace

Secure Action in Cyberspace

Authenticity, Integrity, Confidentiality of Data and Networks

Legal Security Legal Obligation

Security against Crime

Security against Malicious Activities

Internet as a Public SpaceInternet as a Public Good

4

www.bmi.bund.de

Cyber-security-strategygoals and measures

5

National Cyber Security CouncilNational Cyber Security Council

National Cyber Response CenterNational Cyber Response Center

Critical IT Infrastructure

Critical IT Infrastructure

IT of CitizensIT of Citizens IT in the Public AdministrationIT in the Public Administration

Effective Crime ControlEffective Crime Control

International Cooperation (EU, worldwide) International Cooperation (EU, worldwide)

Personnel development Fed. Gov.Personnel development Fed. Gov.

Use of Reliable and Trustworthy Information

Technology

Use of Reliable and Trustworthy Information

Technology

Response to Cyber- AttcksResponse to Cyber- Attcks

www.bmi.bund.de

Participants in the National Cyber Response Center

6

BSI, BfV, BBk

BKABw

BND

BPol

ZK

A

BAFin

BNetzA

LBAEBA

DW

D

Supervision CIIP

…

Federal States

www.bmi.bund.de

National Cyber Response Center

Information is supplied by …

7

Cyber Response

CenterBSI CERT, Command centre int. CERT Association (monitoring/reports)

BKA(modus operandi, crime trends)

Implementation Plan Federation/Federal Gov(incidents, counter-measures)

Implementation Plan KRITIS(incidents, counter-measures)

Federal Armed Forces(intelligence; own experience/ findings)

.:

.:

.:

.:

.:

.:

.:

Supervisory authorities(routine and incident-related)

Hard- and software suppliers(vulnerabilities, counter-measures)

.:

Federal Intelligence Service(intelligence; own experience/ findings)

www.bmi.bund.de

National Cyber Response Centre

Information is supplied to …

8

Nat. Cyber Response

Centre BKA, ZKA, Bundeswehr, BND(all types of intelligence)

National Cyber Security Council(periodic reports, recommendations)

Hard- and software suppliers(vulnerabilities and recommendations)

BSI-CERT and Command Centre(coordinated evaluations/recommendations)

Crisis management staff(support in times of crisis)

IP KRITIS / IP Federation/Fed. Gov.(vulnerabilities, alerts, reecommendations)

Industry in general(alerts, recommendations)

Federal states depending on structure

General public (alerts)

www.bmi.bund.de

Communication Architecture in the Implementation Plan kritis

Cyber ResponseCenter

SPOCSector 1

SPOCSector n

Single Pointsof Contact

companies

Company 1

Company 2

Company 3

Company x

CERTSIndustry

...

...

www.bmi.bund.de

Federal Office for Information Security (BSI) &National Cyber Response Centre

Findings after the first year

More than 900 incidents analysed

80/20 rule confirmed:

About 80% of cyber attacks could be prevented if the basic 20% of known counter-measures were consistently applied!

Among the remaining 20% there is a growing number of very sophisticated attacks – for all we know by special forces

10

www.bmi.bund.de

National Cyber Security Council - Tasks

11

www.bmi.bund.de

The National Cyber-Security CouncilCoordinates Instruments andOverlapping Policy Making

12

Goals and Tasks

Coordination of Cyber Security Policy Stances

Identification und Correction of Structural Trouble Spots

Discussion of Cyber Security Issues, new technologies

Transparency in Collaboration

Recommendations to the Cyber Response Center

www.bmi.bund.de

Next steps – key questions

Ongoing implementation of strategy

This includes, e.g.:

Enhancing and extending cooperation on critical infrastructure protection

Creating more PC security by increasing provider responsibility

Intensifying cooperation both at home and abroad

Establishing norms of state behaviour in Cyberspace in international fora (G8, United Nations)

13

www.bmi.bund.de

Draft IT Security Act- Draft provisions to improve the protection of

Critical National Infrastructure (CNI) -

Legal obligation to meet minimum organizational and technical IT security standards in the field of CNI; state of the art.

Industries to work out standards. Federal Office for Information Security (BSI) to recognize suitable standards, after consultation with supervisory authorities.

Security audits to be conducted every two years; list of audits and identified deficiencies to be forwarded to BSI; BSI may require operators to remedy problems immediately.

Major IT incidents to be reported to BSI directly.

Purpose of reports: BSI to compile situation reports and to inform CNI operators when necessary.

www.bmi.bund.de

Draft IT Security Act- Draft provisions governing ICT providers/operators -

ICT industry: Key role in cyber security

Telecommunications network operators and providers of telecommunications services for the general public should always take into account the state of the art when

seeking to guarantee IT security. should report IT security incidents, even if they have not

caused direct disruptions of telecommunications networks/services.

should inform users about failures caused by their systems and point out technical remedies for such problems.

Telemedia service providers (acting on a commercial basis and, as a general rule, for payment) should safeguard state-of-the-art IT security to the extent technically possible and reasonable.

www.bmi.bund.de

Thank you

http://www.bmi.bund.de

16