THE EUROPEAN – SECURITY AND DEFENCE UNION
Interview with Arne Schönbohm, President of the Federal Office for Information Security (BSI), Bonn
T
he European: Mr Schönbohm, you have been the President of the German Federal Office for Information Security (BSI) since early 2016. In February of that year you were given the task of re-designing and building up this agency on solid foundations and with a budget allowing you to pursue ambitious objectives. On the national level, you developed the BSI into the German cybersecurity agency with the obligation to help the private sector develop security standards. Within the European Union you cooperate with your counterparts from other Member States, supporting the EU to ensure coherence and efficiency in cybersecurity. Have you been able to realise your ambitions and what is the status of German cybersecurity today? Arne Schönbohm: Indeed, we have made great progress in the field of cybersecurity in general. The IT-security law of 2015,
24
which was a great effort by the Federal Ministry of the Interior and the federal government, has had a big impact, especially for critical infrastructure, and will continue to do so. We have developed a common and widely regarded cloud security standard (C5) with our French partner agency ANSSI. Last but not least, the EU Cybersecurity Act was passed. The European: What are its advantages? Arne Schönbohm: This legislation will allow us to develop a more streamlined European IT security certification policy which will improve the security features of IT products potentially having a large impact on the unregulated market for the Internet of Things (IoT) consumer devices and more. Together with the new and improved mandate for the EU Agency for Cybersecurity (ENISA) we are heading steadily in the right
photo: ESDU
Europe needs coherent national strategies and EU operational concepts
