Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Vulnerabilities
  • What is Bundesamtes für Sicherheit in der Informationstechnik (BSI)?
  • Critical Vulnerability
  • Vulnerabilities

What is Bundesamtes für Sicherheit in der Informationstechnik (BSI)?

4 years ago Jeannine Balsiger
What is Bundesamtes für Sicherheit in der Informationstechnik (BSI)?

Have you ever confused your acronyms?  Perhaps you have laughed when someone has had to explain some of the acronyms used in text messages.  Business, and especially technology acronyms are almost as plentiful as text acronyms.  There are few things as embarrassing as being in a business meeting, and mistaking one acronym for another.  This happened recently in a meeting where the acronym “BSI” was not defined in full immediately, and it was especially confusing because the acronyms for both organizations serve similar functions.

For years, many have associated the acronym BSI with the British Standards Institution.  Headquartered in London, the British Standards Institution functions as the world’s largest certification body.  It was the pioneer of standards for management systems, and it publishes standards that impact virtually every aspect of modern society.   This is an important organization, to which many businesses look for guidance across a vast catalog of disciplines.  It is similar to the National Institute of Standards and Technology (NIST), offering information about topics that extend beyond information security.

What is the Bundesamtes für Sicherheit in der Informationstechnik (BSI)?

However, BSI is not only a British organization. Germany has an organization that also shares the BSI acronym.  Bundesamtes für Sicherheit in der Informationstechnik (BSI) is The Federal Office for Information Security in Germany, and unlike the broader functions of the British Standards Institution, the German BSI has its focus specifically in the world of information security.  It can be loosely compared to the Center for Internet Security, famous for the CIS Controls.

The BSI was founded in 2009 by an act of the government of Germany in an effort to better protect all aspects of information technology.  The BSI serves multiple functions in the cybersecurity arena.  Not only does it serve as an informational source for risks and threats, but it also carries out security testing and assessments of IT systems.  Its audience includes manufacturers, distributors, and users of information technology.  To further its mission, BSI also analyzes IT developments and trends.

The BSI serves as a certifying body for many aspects of business in Germany, including cloud computing, critical infrastructure, cryptography, crisis management, and other minimum standards. It also is available to all consumers.  The primary function of a BSI certificate is to assure the security of an IT product by providing transparency of a products capabilities, trustworthiness to recognized standards of security, honest usability information, and suitability for use.   It accomplishes this by engaging with three certifying criteria: IT security (ITS), Information Technology Security Evaluation Criteria (ITSEC), and the Common Criteria.  Each of these are globally recognized across multiple industries.

The BSI seeks to create confidence in technology.  This is further evidenced by the depth of research undertaken by the organization.  The hierarchy of BSI is spread across eight separate divisions that are subdivided into branches of specific focus.  For example, the “Technical Centers of Excellence” division is comprised of sections that include IT Systems, IT Infrastructure, Chip security, and Technology and Research Strategy.  Following across the hierarchical structure, the “Cyber Security for Digitization and Electronic Identities” division is subdivided into separate branches and sections that address each of these broad concepts.  There are more than one hundred sections, each dedicated to a specific aspect of information security.  The thoroughness of the organizational structure lends itself to rigorous examination of each topic.

BSI has a very general statement about the necessity for security:

“The threat to our society in terms of the havoc that computer failure, misuse or sabotage could cause is greater than ever before.”

Of course, this is not a statement manufactured for passive consumption.  In order to protect systems from criminal exploitation, organizations need to take action.  Configuration management, continuous monitoring, and vulnerability management are all required as part of any good cybersecurity program.

Germany has always been a leader in privacy and security. As the vision of the BSI continues to expand, more organizations will turn an eye towards achieving certification to prove cybersecurity readiness.

In time, the German BSI will be as easily recognized as many of the other standardization institutions.

Tripwire’s global reach is not reliant on any particular geography.  What’s best is that Tripwire doesn’t just check the compliance box, it helps you truly achieve security.  Tripwire’s full line of cybersecurity products can help your organization to meet the goals needed to achieve BSI certification standards.  Whether it is log management, system configuration, or rapid awareness of vulnerabilities that may be lurking in your systems, Tripwire can help.

The post ” What is Bundesamtes für Sicherheit in der Informationstechnik (BSI)?” appeared first on TripWire

Source:TripWire – Jeannine Balsiger

Tags: Cloud, Critical Severity, Privacy, TripWire

Continue Reading

Previous Log4JShell Used to Swarm VMware Servers with Miners, Backdoors
Next What Trust and Compliance Looks Like in a Cookieless Digital World

More Stories

  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

2 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

5 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

6 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

2 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

2 days ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

3 days ago [email protected] (The Hacker News)

Recent Posts

  • Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
  • eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware
  • Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
  • Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists
  • Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT