Federal Cybersecurity Architecture and Information Security Management - Adoption and Diffusion of the NIS-2 Requirements
Vorschaubild nicht verfügbar
ISSN der Zeitschrift
6. Fachtagung Rechts- und Verwaltungsinformatik (RVI 2023)
Regular Research Papers
Gesellschaft für Informatik e.V.
Europe, the federal government, the federal states, municipalities, and their business enterprises are facing the challenges of a hybrid threat situation. At a time when information technology is growing faster than ever before, information cyber security and security management system (ISMS) assessment have become one of the most important aspects of most public sector organisations. The dependency on technology for almost every single process in public sector organisations has put ISMS at the top of the corporate agenda. For public organisations in particular, the NIS 2 Directive describes abstract requirements for the development of an ISMS. At the same time, minimum requirements should be defined that help municipal administration set up an information security management system quickly and easily. This paper summarizes the different requirements and generates a foundation for a rough procedural model, for implementing the upcoming requirements of the NIS 2 Directive quickly and easily in local governments. In particular, the current discussion focuses on securing ICT infrastructures and services of all providers of services of general interest. European and national regulations provide the framework for an appropriate response to this threat to the common good. The federal cybersecurity architecture of a member state such as Germany, presented here, must fit into the European context. Procedures for the implementation of information security management systems complement this theoretical model. This thesis presents a federal cybersecurity model.