The new IT Security Act 2.0 enters into force today, granting the Federal Office for Information Security (BSI) expanded competencies.
This new law seeks to strengthen the role of the BSI as the federal authority for informing, warning and advising in terms of cyber security. In order to rapidly detect and close security gaps in IT systems and to protect against cyberattacks, the BSI is thus given more extensive responsibilities.
These are further details:
- The IT Security Act is intended to strengthen digital consumer protection and to put it on the BSI's task agenda.
- At the federal level, the BSI will become an independent and neutral advice center for consumers on issues regarding IT security.
- In addition to private companies being obliged to comply with specific IT security standards, the requirements for cyber security in mobile networks are also being expanded.
- To ensure information security in 5G mobile networks, operators must fulfil high security standards and certify critical components, that is hardware elements, which authorities consider extremely important due to the high data streams
- The new law also provides for the use of critical components to be prohibited if they are likely to endanger public order or security.
Arne Schönbohm, BSI President, said: "This day is a real milestone for the BSI. The IT Security Act 2.0 paves the way for an improved level of cyber security in Germany. We will significantly expand our existing task range, warning of dangers, providing information and orientation in everyday digital life and products. In the future, a uniform IT security label for consumers should make clear which products already comply with certain IT security standards. With this support we would like to quickly approach the consumer market."