The Business and Society Directorate-General WG forms the BSI's central point of contact to the economy and civil society. These include the following:

• cooperation with economic operators as part of UP KRITIS, an initiative for cooperation between the economy and the state in order to protect critical infrastructure in Germany, and the Alliance for Cyber Security
• carrying out regulatory duties in relation to critical infrastructure
• BSI services for citizens as well as the BSI's new mandate in relation to digital consumer protection
• dialogue with society in general about issues in relation to cyber security
• BSI public relations work

Sections in the Directorate-General WG

Section WG 1 - Cyber security for critical infrastructure

Critical infrastructures (KRITIS) are organisations and facilities of major importance for society whose failure or impairment would cause a sustained shortage of supplies, significant disruptions to public order, safety and security or other dramatic consequences.

To keep the lights on and water flowing out of the tap, to ensure operations take place and data can be accessed from the cloud, the IT systems at the relevant utility company, hospital or data centre must be working reliably. For this reason, the German IT Security Act requires KRITIS operators to take steps to ensure a suitable level of IT security.

The teams in KRITIS section WG 1 provide support to the operators of critical infrastructure in their efforts to protect their mission-critical services and comply with the law, and help in this way to ensure security of supply in Germany.

The teams maintain direct contact with critical infrastructure operators from the various industries in their sector, so as to provide advice and support. Activities include creating recommendations and models for KRITIS protection, assisting operators and their associations in drawing up industry-specific security standards, which are submitted to BSI for a suitability assessment, providing support for the evaluation of IT security incidents and reviewing records documenting the implementation of IT security measures.

Section WG 2 - Cyber security for business

Section WG 2 is the centralised liaison office at the BSI for all economic operators who do business in sectors unrelated to critical infrastructure. Staff work closely with their customers, developing a keen sense of the needs and issues facing entrepreneurs, and therefore providing an important point of contact for the BSI as a whole. Regular cooperation with other divisions is also a major part of their work.

The section is also directly responsible for the Alliance for Cyber Security: formed in 2012, this is an information and networking initiative that primarily serves the needs of business. A centralised office for cooperation with IT manufacturers and service providers is now being established. In the long run, the aim here is to set up a key account management service for this group of clients, so as to focus the BSI's many manufacturer-related activities more effectively.

Last but not least, the section also manages virtually all of the BSI's public relations work, from trade fairs, congresses and events to the many print publications and websites, presentation graphics and multimedia communications. All of this is of course only possible thanks to close cooperation and coordination with the other departments and the BSI's Strategic Communication and Press Office.

Section WG 3 - Digital consumer protection, cyber security for society and citizens

Section WG 3 designs and coordinates all BSI activities relating to digital consumer protection and forms the central interface to societal stakeholders. Most of the staff are based in Freital, Saxony, but they also work in Bonn.

The goal of the department is to establish the BSI as an independent body for consumer protection in digitalization. Therefore...

• the BSI creates the foundations and framework conditions for providers and manufacturers to design secure and trustworthy products and services.
• informs, advises and warns consumers so that they can use digital products and services safely.
• supports consumers in increasing their resilience so that they can cope with IT security incidents.

A central service center for first-level support for inquiries also expands the BSI's range of offerings.

Section WG 4 - Cybersecurity in civil aviation

Section WG 4 coordinates and controls all cyber security measures in civil aviation. The teams work at the BSI locations in Freital (Saxony) and Bonn (North Rhine-Westphalia).

An important goal of the BSI is to protect and secure civil aviation against cyber attacks, especially with regard to acts of sabotage and terrorist attacks. This includes preventive measures in the area of information security, such as protection against threats, but also the detection of and reaction to potential attacks in cyberspace. The appropriate, practical and timely exchange of information about vulnerabilities, malware or similar is also essential. Regulated companies therefore identify their critical information and communications technology systems and data used for civil aviation. To prevent cyber attacks on systems and data that may affect the security of civil aviation, these systems must be protected and appropriate cyber security measures must be established.

In addition, the teams also develop the requirements for bodies and operators in accordance with Sections 5, 8, 9 and 9a of the “Luftsicherheitsgesetz (LuftSiG)” and continuously develop them further. Together with the operation of the warning and reporting system, the goal is to achieve and permanently maintain a high and comparable level of information security for all those involved.