Cybersecurity – Current Situation and Future Challenges

Background

Both digitization and digital technologies are developing rapidly, and data is constantly being collected, exchanged and increasingly analyzed using artificial intelligence. At the same time, attacks in virtual space are increasing significantly – both quantitatively and qualitatively. Against this background, security in the digital space is becoming increasingly important. Data is a valuable asset that must be sustainably protected – this applies to individuals as well as to companies and states. This raises numerous questions, for example about the influence of new technologies (e.g., quantum computing), but also sustainability aspects, such as the resilience of legacy systems that have already been rolled out or the long-term availability of data. But legal aspects also play an important role here, for example, how sustainable compliance rules can be implemented. In addition, Germany’s dependence on laws in third countries – digital sovereignty – must be discussed in this context.

Goals

The central challenge is to strategically position Germany in such a way that it remains digitally sovereign. For this to succeed, cybersecurity must be anchored as a national priority and recommendations for areas of activity derived from it. European values such as openness, transparency, traceability and protection of privacy should be brought into focus. Clear standards, rules and interoparobility are needed. In addition, test methods are needed for the continuous evaluation of systems. Risks must become easier to quantify so that adequate, risk-based security solutions can be found. Since there can be no such thing as one hundred percent security, those responsible in politics, business and society must be enabled to make a quantifiable and comprehensible assessment of the prevailing and required security state. They must be able to make a risk-based assessment of what the right level of security is and what risks are associated with different courses of action. In addition, it is important to qualify those responsible in such a way that they can sufficiently weigh up risks and necessary countermeasures. First and foremost, this involves a rethinking in politics, which should give this topic the highest priority. Similarly, companies must also understand and sustainably pursue cybersecurity as a strategic corporate goal (and not just selectively meet the minimum required by law). In addition, awareness must be raised in all parts of society. This is a long-term goal that also entails a cultural change in the way digital media and opportunities are handled and requires significant changes in education and professional training. Security solutions that are as safe and easy to use as possible can help increase acceptance.

The project will investigate which measures and, if applicable key technologies are needed to achieve sustainable security for critical infrastructures, companies, public institutions and citizens, and how these can systematically be developed further. The aim is to identify ways in which a free market for innovations can be stimulated.