National Cybersecurity Offices

In Austria, cybersecurity is a whole-of-government issue. In legal terms, it is therefore an issue that must be addressed in all areas of government. As a result, there is no single authority that can dictate binding provisions for all of Austria. It therefore calls for effective coordination and all areas to join forces. Ultimate responsibility lies with the following federal ministries: The Federal Chancellery (BKA), Federal Ministry of the Interior (BMI), Federal Ministry for European and International Affairs (BMEIA) and Federal Ministry of Defence (BMLV).

The Federal Chancellery coordinates national and international strategic cybersecurity issues and cooperates with national, European and international stakeholders via various working committees. It also manages the Federal Backup Data Center (ZAS) and the Government Computer Emergency Response Team (GovCERT Austria).

National coordination structures for cybersecurity

Structures have been established at operational level for the purpose of coordination. These structures provide a constant overview of the situation and enable coordinated deployment of cybersecurity forces for tackling cyber incidents. These are known as the Operative Coordination Structure (OpKoord) and the Inner Circle of the Operative Coordination Structure (IKDOK). The BMI is responsible for organisational management of these coordination structures. The IKDOK, supported by the OpKoord, forms the direct interface with the whole-of-government Cyber Crisis Management (CKM) in the event of a crisis. The CKM provides a platform for inter-ministerial coordination during developing crises. If military deployment in cyberspace is announced in the event of a cybercrisis (for example to defend against attacks in cyberspace that jeopardise the country's sovereignty), the management of operations in cyberspace will be transferred from the BMI to the BMLV.

The Cyber Security Steering Group (CSS) and the Cyber Security Platform (CSP) are also active at strategic level. The CSS is responsible for implementing the Cybersecurity Strategy. The CSP is the central platform for communication and cooperation between stakeholders from the economy, academia and public administration.

National coordination structures for cybersecurity

Legend

  • _ _ _ event-related
  • AbwA: Austrian Armed Forces Security Agency
  • AdD: Digital Service Providers
  • AEC: Austrian Energy CERT (= sector-specific CSIRT for sector energy)
  • BK: Criminal Intelligence Service Austria
  • BKA: Federal Chancellery
  • BMEIA: Federal Ministry for European and International Affairs
  • BMI: Federal Ministry of the Interior
  • BMLV: Federal Ministry of Defence
  • BVT: Federal Agency for State Protection and Counter Terrorism
  • BwD: Operator of Essential Services
  • C4: Cyber Crime Competence Center
  • CERT.at: the national CSIRT
  • CKM: Cyber Crisis Management
  • CKM-KA: Cyber Crisis Management Coordination Committee
  • CSC: Cyber Security Center
  • CSP: Cyber Security Platform
  • CSS: Cyber Security Steering Group
  • DSN: State Security and Intelligence Directorate
  • EdöV: Entities of Public Administration
  • GovCERT: Government Computer Emergency Response Team
  • HNaA: Austrian Strategic Intelligence Agency
  • IKDOK: Inner Circle of the Operative Coordination Structure
  • IV/10: Department Network and Information Systems Security
  • MilCyZ: Military Cyber-Centre
  • OpKoord: Operative Coordination Structure
  • sCN: Sector-specific CSIRT
  • SKKM: State Crisis and Catastrophe Protection Management