The protection of Germany's share of cyber space and the availability of infrastructures that are as resilient as possible are fundamental German policy objectives. A legal basis adapted to the threat situation with regard to the federal administration was created in 2009 through the amendment of the BSI Act.

The strategy forms the interdepartmental strategic framework for the Federal Government's activities related to cyber security and continues the Security Strategy from 2011.
The aim of the strategy is to ensure cyber security at a level commensurate with the importance and sensitivity of networked information infrastructures, without compromising the opportunities and benefits of cyber space
The 'Cyber Security Strategy for Germany 2016' provides more than 30 strategic objectives and measures to improve cyber security, including the introduction of an IT security seal of approval to make cyber security tangible for users, the expansion of cooperation between government and business, and the creation of mobile incident response teams for on-site support. [Source: BMI]

More information on the Cyber Security Strategy for Germany (BMI, 2016) is available on the website of the Federal Ministry of the Interior (BMI).

Activities of the BSI

The BSI uses its facilities and activities in numerous ways that are focused on implementing cyber security in Germany. It operates the following:

• the National IT Situation Centre
• the CERT-Bund, the Computer Emergency Response Team for Federal Agencies
• the lead cooperation in the National Cyber Response Centre
• the collaboration with critical infrastructure protection

These also include multiple additional functions from the product portfolio of the BSI as the German Government's IT security agency.

National Plan for Information Infrastructure Protection (NPSI)

The National Plan for Information Infrastructure Protection (NPSI), which was adopted by the Federal Government in July 2005 as a comprehensive umbrella strategy for IT security, was replaced by the Cyber Security Strategy outlined above.

The NPSI was created as a national IT security strategy under the direction of the Federal Ministry of the Interior, with technical and organisational support from the BSI. The NPSI, which formed the basis for the Federal Government Implementation Plan (UP Bund) and the CIP Implementation Plan (UP KRITIS), defines the three strategic goals of 'prevention, response and sustainability'.