Why Germany’s Cybersecurity Law Isn’t Working

Commentary | August 19, 2015

In an article for the Council on Foreign Relations, EWI Senior Fellow Sandro Gaycken explains the sources of controversy in Germany's new cybersecurity regulations.

In the article, Gaycken notes that with the new regulations, many companies will be required to "establish a minimal set of security measures, prove they’ve implemented them by conducting security audits, identify a point of contact for IT-security incidents and measures, and report severe hacking incidents to the federal IT-security agency." Although "the government sought private sector input early on in the process of conceptualizing the law," Gaycken observes that "German industry continues to disagree with most of its contents."

To read this article published by the Council on Foreign Relations, click here.

To read this article published by Defense One, click here.