The Cyberspace, infinite widths. We write the year 2021. These are the adventures of the Federal Office for Safety in Information Technology (BSI), which has been traveling with its over 1023 men and women’s strong crew for 30 years to explore new cyber risks, new artificial life (ki) and new protection in digitization Pravement, detection and reaction for state, economy and society. Only 600 Earth Kilometers from Berlin, the BSI in Bonn penetrates with its prassident Arne Schedbohm in Cyberszenarien, who has never seen a person before.
So or so similarly the science-fiction-inspired history of the BSI was loud, which was almost exactly 30 years ago, on the 1.1.Was founded in 1991 and that the Federal Ministry of the Federal Ministry of the Interior, for Building and Heimat (BMI) is subordinate. The authority has emerged from the central office for safety in information technology, whose transaction workers in turn was the central office undertaken to the Federal Court of First Instance for the Cipher – which has brought the BSI many years skepticism and mistrust.
The fact that the BSI has a strong organizational organizational approach to intelligence services and investigative remuneration by connecting to the BMI foreclosure, so that parts of the community keep a certain distance. Because always, the question is concerned with whether they are close – for the security not only risk, but also chance – not for the IT security is more harmful. In any case, this leads to unfortunately not always pull all with combined power in a strand.
A body for all
The orientation not only on the state, but in particular on the economy and society, is not always self-resistant to comparable authorities in other countries and therefore a positive orientation, if one has the digitization and the impact on German population in total. She was not given at the BSI from the beginning. In early times, the authority understood rather than stealthy for others and administration. But especially with IT security, "secure islands" are not sufficient given of ever strong networking.
Even though the BSI is still understood in the BMI in the BMI, which is quite young age of 30 years and therefore can not act as independently, it can look back on some achievements. Maybe now also a good time for the BMI, the IT security residence to give the independence that it requires to significantly strongly strong the cyber resilience and cyber security in Germany.
The positive achievements of the authority certainly the over the years updated again and again and sometimes basic renovated BSI IT basic protection, which has created a framework with four BSI standards and the compendium, which supports in the construction of an information security management system (ISMS) and even International compatible The associated ISO / IEC 27001 certificate on the basis of IT basic protection depicts.
Standards and the compendium with concrete assistance and security measures for the methodological protection of processes, persons and IT system landscapes have been given to the specification for and institutions, but always remained freely available for all and were provided with regular information events. The community that has formed around the basic protection has also contributed its own content. For many years, this construct has been established and widely established and widely used as a support for the economy and as a learning and knowledge base for interested privations.
Pioneer in terms of critical infrastructures
For new technologies and IT infrastructure models such as Cloud Security or Artificial Intelligence, BSI initialed field research has been conducted and have been thinking about critical infrastructures for many years – long before this object became an EU-wide legal requirement.
The concept of crosslinking in the sense of networking was realized, among other things, with the Alliance for Cyber Security, which is permanently serving as an exchange platform. IT services and consulting companies, IT manufacturers, and user companies work together in all areas to achieve the explanatory goal: the resistance of the location of Germany to strong Cyber attacks. Not only the exchange of knowledge and experiences, but also various materials and offers should help.
With BSI for Burger, opportunities have also been created to inform society as such and keep up to date. Another pillar of pravention, but also the assistance with safety-relevant falls in resists and companies are the CERT BUND and the "Mobile Incident Response Team".
Controversial future role
These services are gathered, among other things, in the current draft of the IT Security Act 2.0, where the authority should receive more far-reaching tasks such as digital consumer protection and a comprehensive personnel. Thus, the BSI is also integrated stronger in offensive topics, instead of acting as previously defensively. There are also other points of controversial and much discussing the draft law: For example, the authorities in the fight against botnets and unsafe IoT devices should be given powers to access the uncertain systems and reward data or dissipate. The expansion to "Hacker work" as well as the generally more offensive orientation of cyber security is criticized by network activists, security experts and many others.
The 30-year existence of the BSI on 2 is celebrated.-3. February 2021 with the (Coronabed Digital) 17. German IT security congress and other celebrations.