Germany's Cybersecurity Architecture Translation of the 6Th German Edition
Total Page:16
File Type:pdf, Size:1020Kb
April 2021 · Rebecca Beigel & Dr. Sven Herpig Supported by Christina Rupp Germany's Cybersecurity Architecture Translation of the 6th German Edition Think Tank für die Gesellschaft im technologischen Wandel Impulse April 2021 Germany's Cybersecurity Architecture Table of Contens 1. Background 11 2. Visualization of Cybersecurity Architecture 13 3. Actors and Abbreviations 14 4. Explanation: Actors at EU level 27 Agentur der Europäischen Union für Cybersicherheit (European Union Agency for Cybersecurity, ENISA, official translation) 27 Agentur der Europäischen Union für justizielle Zusammenarbeit in Strafsachen (European Union Agency for Criminal Justice Cooperation, Eurojust, official translation) 27 Computer Emergency Response Team der Europäischen Kommission (Computer Emergency Response Team of the European Commission, CERT-EU, official translation) 28 Contractual Public-Private Partnership on Cybersecurity (cPPP) 28 Computer Security Incident Response Teams Netzwerk (Computer Security Incident Response Teams Network, CSIRTs Network, official translation) 29 Cyber Crisis Liaison Organisation Network (CyCLONe) 29 Cyber and Information Domain Coordination Centre (CIDCC) 30 Direktion Krisenbewältigung und Planung (Crisis Management and Planning Directorate, CMPD, official translation) 30 ENISA-Beratungsgruppe (ENISA Advisory Group, ENISA AG, official translation) 30 EU-Analyseeinheit für hybride Bedrohungen (EU Hybrid Fusion Cell, official translation) 31 Europäische Agentur für das Betriebsmanagement von IT-Großsystemen im Bereich Freiheit, Sicherheit und Recht (European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice, eu-LISA, official translation) 31 Europäische Gruppe für die Cybersicherheitszertifizierung (The European Cybersecurity Certification Group, ECCG, official translation) 32 Europäische Kommission (European Commission, EK, official translation) 32 Europäische Kooperation für Akkreditierung (European co-operation for Accreditation, EA, official translation) 33 Europäische Polizeiakademie (The European Union Agency for Law Enforcement Training, CEPOL, official translation) 33 Europäische Verteidigungsagentur (European Defence Agency, EVA, official translation) 34 Europäischer Auswärtiger Dienst (European External Action Service, EAD, official translation) 34 2 Impulse April 2021 Germany's Cybersecurity Architecture Europäische:r Datenschutzbeauftragte:r (European Data Protection Supervisor, EDSB, official translation) 35 Europäischer Rat (European Council, ER, official translation) 35 Europäisches Amt für Betrugsbekämpfung (European Anti-Fraud Office, OLAF, official translation) 35 Europäisches Polizeiamt (European Police Office, Europol, official translation) 36 Europäisches Sicherheits- und Verteidigungskolleg (European Security and Defence College, ESVK, official translation) 36 Europäisches Zentrum für Industrie, Technologie und Forschung im Bereich der Cybersicherheit (European Cybersecurity Industrial, Technology and Research Competence Centre, ECCC, official translation) 37 Europäisches Zentrum zur Bekämpfung der Cyber-Kriminalität (European Cybercrime Center, EC3, official translation) 37 European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE) 38 European Cybercrime Training and Education Group (ECTEG) 38 European Cyber Security Organisation (ECSO) 38 European Government CERTs group (EGC group) 39 European Judicial Network (EJN) 39 European Judicial Cybercrime Network (EJCN) 39 European Judicial Training Network (EJTN) 40 European Union Cybercrime Task Force (EUCTF) 40 Gemeinsame Forschungsstelle (Directorate-General Joint Research Centre, GD JRC, official translation) 40 Generaldirektion Forschung und Innovation (Directorate-General for Research and Innovation, GD RTD, official translation) 40 Generaldirektion Informatik (Directorate-General for Informatics, GD DIGIT, official translation) 41 Generaldirektion Kommunikationsnetze, Inhalte und Technologien (Directorate-General for Communications Networks, Content and Technologies, GD CONNECT, official translation) 41 Generaldirektion Migration und Inneres (Directorate-General for Migration and Home Affairs, GD HOME, official translation) 42 Gruppe der Interessenträger für die Cybersicherheitszertifizierung (Stakeholder Cybersecurity Certification Group, official translation) 42 Horizon 2020 42 Horizontal Working Party on Cyber Issues (HWP) 43 Institut der Europäischen Union für Sicherheitsstudien (European Union Institute for Security Studies, EUISS, official translation) 43 Intelligence Directorate des EU-Militärstabs (Intelligence Directorate of the European Union Military Staff, EUMS INT, official translation) 43 Inter-Service Group “Community Capacity in Crisis-Management” (ISG C3M) 44 3 Impulse April 2021 Germany's Cybersecurity Architecture Inter-Service Group “Countering Hybrid Threats” (ISG CHT) 44 Kontaktgruppe zum Schutz Kritischer Infrastrukturen (CIP Contact Group, SKI-Kontaktgruppe, official translation) 44 Kooperationsgruppe unter der NIS-Richtlinie (NIS Cooperation Group, official translation) 45 MeliCERTes 45 Militärausschuss der Europäischen Union (European Union Military Committee, EUMC, official translation) 46 NIS Public-Private Platform (NIS Platform) 46 Politisches und Sicherheitspolitisches Komitee (Political and Security Committee, PSK, official translation) 46 Rat der Europäischen Union (Council of the European Union, Council, official translation) 47 Reference Incident Classification Taxonomy Task Force (TF-CSIRT) 48 Senior Officials Group Information Systems Security (SOG-IS) 48 Ständige Strukturierte Zusammenarbeit (Permanent Structured Cooperation, PESCO, official translation) 48 Taxonomy Governance Group (TGG) 49 Zentrum für die Koordination von Notfallmaßnahmen (Emergency Response Coordination Centre, ERCC, official translation) 49 Zentrum für Informationsgewinnung und -analyse (EU Intelligence Analysis Centre, INTCEN, official translation) 49 5. Explanation: Actors at NATO level 51 Allied Command Operations (ACO) 51 Allied Command Transformation (ACT) 51 Cyber Defence Committee (CDC) 52 Emerging Security Challenges Division (ESCD) 52 Joint Intelligence and Security Division (JISD) 53 NATO Communications and Information Agency (NCIA) 53 NCI Academy 54 NATO Computer Incident Response Capability (NCIRC) 54 NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) 55 NATO Consultation, Control and Command Board (C3B) 55 NATO Cyber Defence Management Board (CDMB) 56 NATO Cyber Security Centre (NCSC) 56 NATO Cyberspace Operations Centre (CyOC) 56 NATO-Militärausschuss (NATO Military Committee, MC, official translation) 57 NATO School Oberammergau (NS-O) 57 NATO Security Committee (SC) 58 Nordatlantikrat (North Atlantic Council, NAC, official translation) 58 4 Impulse April 2021 Germany's Cybersecurity Architecture 6. Explanation: Actors at Federal Level 59 Agentur für Innovation in der Cybersicherheit (Agency for Innovation in Cybersecurity, Cyberagentur, own translation) 59 Agentur für Sprunginnovationen (Agency for Springboard Innovation, SprinD, official translation) 59 Allianz für Cyber-Sicherheit (Alliance for Cybersecurity, ACS, own translation) 60 Auswärtiges Amt (German Federal Foreign Office, AA, official translation) 60 Bundesamt für Ausrüstung, Informationstechnik und Nutzung der Bundeswehr (Federal Office of Bundeswehr Equipment, Information Technology, and In-Service Support, BAAINBw, official translation) 60 Bundesakademie für Sicherheitspolitik (Federal Academy for Security Policy, BAKS, official translation) 61 Bundesanstalt für Finanzdienstleistungsaufsicht (Federal Financial Supervisory Authority, BaFin, official translation) 61 Bundesamt für Bevölkerungsschutz und Katastrophenhilfe (Federal Office of Civil Protection and Disaster Assistance, BBK, official translation) 61 Bundesanstalt für den Digitalfunk der Behörden und Organisationen mit Sicherheitsaufgaben (German Federal Agency for Public Safety Digital Radio, BDBOS, official translation) 62 Bundesamt für den Militärischen Abschirmdienst (Federal Office for Military Counter-Intelligence, BAMAD, official translation) 62 Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Information Security, BSI, official translation) 63 Bundesamt für Verfassungsschutz (Domestic Intelligence Service of the Federal Republic of Germany, BfV, official translation) 64 Bundesbeauftragte:r für den Datenschutz und die Informationsfreiheit (Federal Commissioner for Data Protection and Freedom of Information, BfDI, official translation) 64 Bundeskanzleramt (Federal Chancellery, BKAmt, official translation) 65 Bundeskartellamt (Federal Cartel Office, BKartA, official translation) 65 Bundeskriminalamt (Federal Criminal Police Office, BKA, official translation) 65 Bundesministerium der Justiz und für Verbraucherschutz (Federal Ministry of Justice and Consumer Protection, BMJV, official translation) 66 Bundesministerium der Verteidigung (Federal Ministry of Defence, BMVg, official translation) 66 Bundesministerium des Innern, für Bau und Heimat (Federal Ministry of the Interior, Building and Community, BMI, official translation) 67 Bundesministerium für Bildung und Forschung (Federal Ministry of Education and Research, BMBF, official translation) 67 Bundesministerium für Finanzen (Federal Ministry of Finance, BMF, official translation) 68 Bundesministerium für Gesundheit (Federal Ministry of Health, BMG, official translation) 68 5 Impulse April 2021 Germany's Cybersecurity Architecture