Yesterday the government approved a bill for an IT Security Act (IT-Sicherheitsgesetz) aimed at counteracting the increasing number of cyber attacks and improve the IT security of public authorities and the private sector. The draft also contains new provisions for critical infrastructure, including in particular the energy sector.
A new Section 8a BSIG (Law on the Federal Office for Information Security (BSI)) sets requirements for the safety of information technology systems, components thereof and processes of critical infrastructure. Operators are required to take precautionary measures for critical infrastructure within a period of two years following the entry into force of an ordinance that prescribes further details. According to a new Section 8b BSIG, operators of critical infrastructure have to report significant security incidents to BSI. For more information, please see here and the link below to the internet site of the Federal Ministry for the Interior that drafted the bill.
The bill now will be submitted to Parliament, which will decide in due course.
According to a report on IT security in Germany in 2014 presented by Federal Minister for the Interior Dr. Thomas de Maizière and BSI President Michael Hange, IT security situation in Germany remains tense. Cyber attacks occur daily and are getting more and more professional and targeted.
Source: Federal Ministry for the Interior