Digital Defense

As Outrage Over U.S. Spying Reverberates, Budget Cuts Pinch German Plan to Tighten Net Security

The BSI is responsible for ensuring the IT security of Germany's federal government. Source: AP
The BSI is responsible for ensuring the tech security of Germany's federal government.
  • Why it matters

    Why it matters

    The U.S. National Security Agency’s spying on Chancellor Angela Merkel’s phone conversations has sparked a rethink in Berlin political circles that Germany must boost its cyber defenses.

  • Facts

    Facts

    • Germany’s interior minister wants to significantly boost the scope of the Federal Office for Information Security (BSI).
    • The agency is hamstrung by budget decisions by Germany’s parliament.
    • The German business community is concerned the BSI is being underfunded and overstretched.
  • Audio

    Audio

  • Pdf

Germany’s Federal Office for Information Security had been receiving unaccustomed attention lately. The once obscure agency, whose German name is abbreviated as BSI, is responsible for managing the government’s computer and communications security.

But these days, the BSI is mentioned whenever government officials in Berlin speak about lessons learned from the U.S. National Security Agency’s spying on German Chancellor Angela Merkel’s phone.

Thomas de Maizière, Germany’s interior minister, aims to significantly boost the scope of the BSI, which falls under his authority. Questions about secure information technology are becoming more complex and diverse and, “therefore, the additional expansion of the BSI is necessary,” said de Maizière, a member of Mrs. Merkel’s conservative Christian Democrats.

But Germany’s central IT-security agency faces acute financial problems, sources close to the BSI told Handelsblatt. Important projects for improving data security and updating the BSI’s protection recommendations for businesses are likely to be affected by budgetary constraints recently triggered by Germany’s parliament. Until further notice, all federal authorities will no longer be able to access funds unused from the previous year.

This decision hit the BSI particularly hard. Because complex IT projects often take years to complete, about €28 million ($37.6 million) in unspent funding had accumulated. The amount of money the BSI can no longer access counts for more than a third of its annual budget of about €80 million. The agency in Bonn is now allowed to spend money only on essential services.

“The ministries in question have to find a solution - this must not endanger any projects.”

Reinhard Brandl, Parliamentary budget expert

A spokesperson for Mr. De Maizière declined to comment in detail about the BSI’s financial situation. Reinhard Brandl, a parliamentary budget expert for Mrs. Merkel’s conservatives, has asked the interior and finance ministries to look for solutions.

For de Maizière, the financial situation is not only unpleasant, it’s politically tricky. He will soon present a draft of an IT-security law, where the BSI’s difficulties will fuel criticism of his efforts to beef up Germany’s technological defenses. In particular, members of the German business community, which also relies on the BSI expertise, have warned the planned expansion will overstrain an agency of only 580 employees. Given its growing remit, it is “indispensable to have a capable BSI,” according to one business manager who requested anonymity.

Mr. de Maizière wants to require operators of key German industries such as power plants and water and telecommunications companies to report serious cyberattacks. The BSI would use this information to assess the situation and advise companies about additional protection measures. But companies and security experts said the BSI can’t even fulfill its advisory function today with its puny resources.

As an example, they point to the fact that it took the BSI months to first react to the data theft of 16 million German online accounts recently.

This article was translated by Anna Park Kim. To contact the author: hoppe@handelsblatt.com

We hope you enjoyed this article

Make sure to sign up for our free newsletters too!