At the first National Conference on IT Security Research in Germany, the directors of the three competence centers for IT security research, namely, KASTEL of Karlsruhe Institute of Technology (KIT), CISPA in Saarbrücken, and CRISP in Darmstadt handed over a position paper on the current status of cybersecurity to Johanna Wanka, Federal Minister of Education and Research. In this paper, the scientists describe major challenges and propose concrete solutions.
Among others, the experts recommend strategic improvements of digital sovereignty in Germany and Europe, specific funding of cybersecurity infrastructures, and improvement of research framework conditions by e.g. research competitions and structures allowing for a rapid response to research needs. The experts point out that the Federal Republic of Germany is in a good situation. Now, strengths have to be identified, pooled, and further extended by international cooperation. The paper is available for downloading on the internet at https://www.kompetenz-it-sicherheit.de/positionspapier-cybersicherheit/ (in german only).
Increasing digitization of everyday life makes information technology and its security highly important for the industry, state, and society. Every day, media are reporting about the theft of client data, cyber espionage or about elections influenced by social bots. New laws and regulations, such as the IT Security Act and the EU Basic Regulation for Data Protection, have improved cybersecurity in Germany and Europe, but threats and challenges remain. As digital and physical worlds are merging, the target for IT-based attacks becomes larger. New technical opportunities, such as big data, cognitive computing, or quantum computers, may also be used by criminals. In many areas of digitization, however, Germany and Europe are no longer capable of developing major key technologies or assessing their safety features. The increase in data-centered business models endangers privacy and today already, complexity of our IT systems can hardly be managed with known engineering methods.
To develop new methods and tools for sufficient protection of complex systems, the scientists recommend further extension of fundamental and applied research into cybersecurity. Establishment of the three competence centers has already increased research capacities. Now, the scientists consider it necessary to improve the framework for innovations: Politics should create more incentives for rapid know-how transfer to enhance the use of research for industry and society and improve the opportunities of German companies on the international market. On the other hand, the experts think that research funding needs increased flexibility to more rapidly respond to changes, such as new IT attacks or changing threats for society and industry. In view of shorter development cycles in IT and growing dynamics of technology, current tender procedures with application phases of several months’ duration do no longer appear adequate. With budgets that can be awarded freely for acute and unforeseen cybersecurity research projects, ministries could respond more rapidly to changes. Funding of several projects competing for the best solution of a given problem would stimulate innovations.
In close partnership with society, KIT develops solutions for urgent challenges – from climate change, energy transition and sustainable use of natural resources to artificial intelligence, sovereignty and an aging population. As The University in the Helmholtz Association, KIT unites scientific excellence from insight to application-driven research under one roof – and is thus in a unique position to drive this transformation. As a University of Excellence, KIT offers its more than 10,000 employees and 22,800 students outstanding opportunities to shape a sustainable and resilient future. KIT – Science for Impact.