In June, the German government presented its National Security Strategy. The aim is to be better equipped to deal with threats from both inside and outside the country and to respond more dynamically to new challenges in the world - including in cyberspace - with a "policy of integrated security". The foreword to the 76-page security strategy, which points the way forward for security in Germany, states the goal: "To maintain the security of citizens and make our contribution to the security of Europe." In this context, the concept of security is defined very broadly and does not focus on defense, but also includes the protection of technical infrastructures, raw materials, energy and food security, and cyber and space security. We asked CISPA faculty Prof. Dr. Thorsten Holz three questions about the new National Security Strategy.
What role do technological aspects play in the National Security Strategy?
As a researcher at CISPA, I am glad that the new security strategy addresses the topics of IT security and artificial intelligence. In the 21st century, these topics are among the drivers of innovation and economic growth, as vulnerabilities and attack vectors are emerging time and time again. At CISPA, we are working with our research to counter these vulnerabilities and attack vectors, which keep popping up in even the most security-critical infrastructures, such as energy supply networks, water supply, health care, communication networks, and transportation networks. Foreign Minister Annalena Baerbock has recognized and addressed the need for action here, and directed focus to our research areas in the new National Security Strategy. She addresses various challenges, including cyberattacks and disinformation campaigns. This is a good start. I am sure that these issues will remain in focus, as they do indeed pose a serious threat to Germany's national security and digital sovereignty.
How do you assess the political or social significance of the strategy?
The security strategy presented sets bold and purposeful priorities for protecting a digitized society. The state, industry, science and society want to work together to bolster cybersecurity. The German government wants to strengthen its capabilities to defend against cyber attacks. These are appropriate and important impulses set by Baerbock, the lead minister for foreign affairs.
Above all, the chapter on "Defense against threats from cyberspace" is important. In order to achieve digital sovereignty, targeted investments are to be made in technology support and the further development of security standards is to be promoted. I think these are appropriate and important measures for building and maintaining a strong, defensible democracy.
What is important in this strategy from a scientific or research perspective?
The critical factors in cybersecurity will be breakthrough advances in the methodological foundations of information processing. The success of national security, as well as digital products, services, and solutions, will critically depend on these advances. Methodological advances will open important opportunities for value creation in a wide range of application areas and protect the digital society from future threats.
In cybersecurity research, the new security strategy logically focuses on technological disruptions such as those caused by artificial intelligence. Germany's resilience and competitiveness are based to a large extent on strong innovation and on technological and digital sovereignty. For this reason, the German government intends to provide targeted support for science and research as well as innovative strength and to take measures to protect against illegitimate influence and illegitimate knowledge leakage.