Cybersecurity is a critical concern for national and international authorities. In the DACH region (Germany, Austria, and Switzerland), multiple agencies and departments collaborate to enhance and maintain robust cybersecurity measures. These entities are responsible for the coordination, implementation, and enforcement of national cybersecurity strategies.
In Germany, the Federal Office for Information Security (BSI) is the primary authority for cybersecurity. Operating under the Ministry of the Interior, BSI is tasked with protecting the nation’s digital infrastructure and providing cybersecurity services across federal agencies. The BSI acts as the chief architect of Germany's cybersecurity landscape, ensuring secure digitalization processes.
Germany's national Computer Emergency Response Team, CERT-Bund, functions within the BSI. It handles cybersecurity incidents that affect federal agencies, ensuring coordinated and efficient incident response. In addition to CERT-Bund, various sector-specific CERTs operate within Germany, addressing the unique cybersecurity needs of different industries.
Cross-departmental groups and committees, such as the IT Planning Council, play a significant role in policymaking for cybersecurity, critical infrastructure security, and telecom security. These entities ensure a harmonized approach to cybersecurity across different governmental and industrial sectors.
Switzerland's primary cybersecurity authority is the National Cyber Security Centre (NCSC), which functions under the Federal Department of Finance. The NCSC serves as the federal government’s competence center for cybersecurity, addressing a wide range of cyber threats and coordinating the national response.
GovCERT is a critical component of the NCSC, providing specialized cybersecurity services to public authorities and critical infrastructures. GovCERT is responsible for incident response, security assessments, and providing guidance on best practices.
SWITCH-CERT operates within the Swiss academic and research network, offering cybersecurity services to educational institutions. It focuses on incident response, threat intelligence, and awareness programs to protect the academic community.
In Austria, the Federal Chancellery oversees national cybersecurity efforts through Department I/8. This department coordinates the implementation of Austria's national cybersecurity strategy and works closely with various governmental bodies to enhance cyber resilience.
GovCERT Austria is the governmental CERT responsible for handling cybersecurity incidents within the public administration. It provides incident response services, threat intelligence, and security advisories to public sector entities.
The National CERT Austria (CERT.at) serves as the primary point of contact for cybersecurity incidents affecting the general public and private sector. CERT.at offers incident response services, coordinates with international CERTs, and provides resources to improve national cybersecurity posture.
By leveraging the expertise and resources of these national authorities, the DACH region aims to create a secure and resilient digital environment. Each entity plays a vital role in protecting critical infrastructure, responding to incidents, and shaping cybersecurity policy to address emerging threats.