This year's report "The situation of IT security in Germany" from the Federal Office for Information Security (BSI) offers a presentation and analysis of the cybersecurity landscape in Germany and shows that there is a need not only for securing companies and authorities, but also for There are still major challenges in recognizing the importance of digitalization and cybersecurity.
Discussions about post-quantum cryptography (PQK) and the construction and use of a public key infrastructure (PKI) are also important topics in cybersecurity this year. The report highlights the need for a hybrid model that combines algorithms PQK integrated with existing PKI. This approach is not just a strategic preference, but a necessary response to the rapidly changing cryptographic standards and potential vulnerabilities in PQK algorithms, underscoring the importance of crypto agility in today's digital landscape.
PQK and modern cybersecurity
Post-quantum cryptography was developed with the aim of securing communications against potential threats from quantum computers. The increasing power of quantum computers poses significant risks to the current encryption standards that underpin much of our digital security. To protect against attacks by quantum computers, PQK algorithms are currently being developed to ensure the security of encrypted data even in a future in which quantum computers are widespread.
However, integrating PQK into existing security infrastructures presents challenges. It is important to carefully manage the transition to quantum-resistant algorithms, maintaining compatibility with existing systems and ensuring uninterrupted security during the migration phase. The hybrid approach, as recommended in the BSI report, becomes crucial here. By combining traditional PKI with new PQK techniques, organizations have the opportunity to protect their current systems while preparing for a quantum secure future. This dual strategy ensures that security infrastructure remains robust against both conventional and future quantum threats, providing comprehensive protection for digital assets in an increasingly connected world.
Social perception of cyber risks
The fact that cybercriminals have been able to establish themselves in a kind of “shadow economy” also shows that we as a society still do not take the digital space seriously enough: The development of this (largely under-recognized) cybercrime reveals that it is is a challenge for society as a whole. It is important to counteract the general underestimation of the risks of digital technology in order to limit the effectiveness of threat actors' strategies.
Increasing digitalization in both the public and commercial sectors increases the risks and potential impact of cybersecurity vulnerabilities. As the report outlines, the frequency of product vulnerabilities and ransomware attacks highlights these dangers. The weakest link in the cybersecurity chain is often not technology, but people.
Companies that hide ransomware attacks are also contributing to this increase. Only when we as a society truly understand that identity theft affects all of our lives just as much as stealing a wallet while visiting the Christmas market will there be a rethink. This analogy illustrates the need for a societal paradigm shift in how we perceive and deal with cybersecurity.
More at BSI.Bund.de
About the BSI
The Federal Office for Information Security (BSI) is the federal cyber security authority and the creator of secure digitization in Germany. The guiding principle: As the federal cyber security authority, the BSI designs information security in digitization through prevention, detection and reaction for the state, economy and society.
Matching articles on the topic