Bundesamt für Sicherheit in der Informationstechnik – BSI ) has now been assigned the task of establishing
binding minimum standards for IT security in consultation with the departments. [1]
The BSI s powers to receive information on IT vulnerabilities and to notify affected IT manufacturers are expanded, and it is also clarified that the BSI is not entitled to refuse to accept information.[²]
Data protection
The IT-SiG 2.0 simplifies the data protection requirements that apply to the BSI with regard to the processing of log data.
Under sec. 5 para. 1 sentence 1 no. 1, para. 2 of the Act on the Federal Office for Information Security (
Gesetz über das Bundesamt für Sicherheit in der Informationstechnik – BSIG ), which applies unchanged, the Federal Office may, in order to avert threats to federal communication technology, collect and analyse in an automated manner