At the first National Conference on IT Security Research in Germany, the directors of the three competence centers for IT security research, namely, KASTEL of Karlsruhe Institute of Technology (KIT), CISPA in Saarbrücken, and CRISP in Darmstadt handed over a position paper on the current status of cybersecurity to Johanna Wanka, Federal Minister of Education and Research. In this paper, the scientists describe major challenges and propose concrete solutions.
Among others, the experts recommend strategic improvements of digital sovereignty in Germany and Europe, specific funding of cybersecurity infrastructures, and improvement of research framework conditions by e.g. research competitions and structures allowing for a rapid response to research needs. The experts point out that the Federal Republic of Germany is in a good situation. Now, strengths have to be identified, pooled, and further extended by international cooperation. The paper is available for downloading on the internet at https://www.kompetenz-it-sicherheit.de/positionspapier-cybersicherheit/ (in german only).
Increasing digitization of everyday life makes information technology and its security highly important for the industry, state, and society. Every day, media are reporting about the theft of client data, cyber espionage or about elections influenced by social bots. New laws and regulations, such as the IT Security Act and the EU Basic Regulation for Data Protection, have improved cybersecurity in Germany and Europe, but threats and challenges remain. As digital and physical worlds are merging, the target for IT-based attacks becomes larger. New technical opportunities, such as big data, cognitive computing, or quantum computers, may also be used by criminals. In many areas of digitization, however, Germany and Europe are no longer capable of developing major key technologies or assessing their safety features. The increase in data-centered business models endangers privacy and today already, complexity of our IT systems can hardly be managed with known engineering methods.
To develop new methods and tools for sufficient protection of complex systems, the scientists recommend further extension of fundamental and applied research into cybersecurity. Establishment of the three competence centers has already increased research capacities. Now, the scientists consider it necessary to improve the framework for innovations: Politics should create more incentives for rapid know-how transfer to enhance the use of research for industry and society and improve the opportunities of German companies on the international market. On the other hand, the experts think that research funding needs increased flexibility to more rapidly respond to changes, such as new IT attacks or changing threats for society and industry. In view of shorter development cycles in IT and growing dynamics of technology, current tender procedures with application phases of several months’ duration do no longer appear adequate. With budgets that can be awarded freely for acute and unforeseen cybersecurity research projects, ministries could respond more rapidly to changes. Funding of several projects competing for the best solution of a given problem would stimulate innovations.
Being “The Research University in the Helmholtz Association”, KIT creates and imparts knowledge for the society and the environment. It is the objective to make significant contributions to the global challenges in the fields of energy, mobility, and information. For this, about 9,600 employees cooperate in a broad range of disciplines in natural sciences, engineering sciences, economics, and the humanities and social sciences. KIT prepares its 23,300 students for responsible tasks in society, industry, and science by offering research-based study programs. Innovation efforts at KIT build a bridge between important scientific findings and their application for the benefit of society, economic prosperity, and the preservation of our natural basis of life. KIT is one of the German universities of excellence.