Nationales Cyber-Abwehrzentrum

The National Cyber Defence Centre (NCDC or Cyber-DC) is a cooperation, communication and coordination platform of German Federal agencies and other institutions from different ministries dealing in particular with cyber-related matters of nationwide relevance.

On the basis of an exchange on cyber-related matters or incidents every working day, a joint, overall cyber-security situation report for Germany is regularly prepared and updated. To handle issues of (potentially) national importance, the participants in the Cyber Defence Centre harmonise and coordinate the individual authorities' activities. Their implementation remains the responsibility of the respective authority or institutions.

The Cyber Defence Centre is not an authority of its own. The Federal Office for Information Security is the host of the Cyber Defence Centre and thus provides premises and technology in Bonn so that the Cyber Defence Centre is able to perform its tasks.

Creation
In the course of the implementation of the Cybersecurity Strategy for Germany, the Cyber Defence Centre was created in 2011 as a joint, inter-authority and interinstitutional platform for an improved and accelerated information exchange between the participating authorities and institutions and for an increased coordination of protective measures and countermeasures against IT security incidents in Germany.

On the basis of a cabinet decision dated 23 February 2011, the Cyber Defence Centre took up its work on 01 April 2011 - initially under the leadership of the BSI and with the direct involvement of the Federal Office for the Protection of the Constitution (Bundesamt für Verfassungsschutz / BfV) as well as the Federal Office of Civil Protection and Disaster Assistance (Bundesamt für Bevölkerungsschutz und Katastrophenhilfe / BBK).

During this stage, the Federal Criminal Police Office (Bundeskriminalamt / BKA), the Federal Police (Bundespolizei / BPOL), the Central Office of the German Customs Investigation Service (Zollkriminalamt / ZKA), the Federal Intelligence Service (Bundesnachrichtendienst / BND) and the Federal Armed Forces (Bundeswehr) participated as so-called associated authorities. Based on an administrative agreement, the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht / BaFin) has also been involved since 2015.

Current organisational set-up
With the entry into force of the currently valid rules of procedure on 01 September 2019, the Cyber Defence Centre underwent a significant further development.

Taking into account their respective tasks, responsibilities and legal powers, now eight core authorities with equal rights - the BBK, BSI, BfV, BKA, BND, the Federal Police Headquarters as well as for the Bundeswehr the Military Counterintelligence Service (Militärischer Abschirmdienst / BAMAD) and the Cyber and Information Domain Service (Kommando Cyber- und Informationsraum / KdoCIR) - work together even more intensively in the Cyber Defence Centre.

The ZKA and the BaFin continue to be involved as associated authorities. The involvement of further relevant institutions at federal and Länder level is currently being tested. This includes representatives of the judiciary as well as the German Länder, which underlines the whole-of-government and federal approach to maintaining Germany's cyber-security.

In addition, the position of a coordinator was created: This position is filled by the different authorities on a rotating basis for two years at a time. The BKA has provided the first coordinator since December 2019. The coordinator is supported by two deputies, who are currently provided by the BfV and the KdoCIR. The BND and the BSI will follow.

Tasks
The mission statement of the Cyber Defence Centre defines its core tasks as follows:

The Cyber Defence Centre is the cooperation, communication and coordination platform of the appropriate (security) authorities of the different ministries which, in particular through a joint, up-to-date and comprehensive cyber-security situation report for Germany, strategic reporting and the coordinating operational and interdisciplinary case management, provides indispensable contributions to Germany's national cyber-security and thus - also in the event of a crisis - to the Federal Government's capacity to act.

The focus is on the whole-of-government, i.e. cross-authority and cross-ministry approach to the handling of matters without interfering with the individual responsibilities of the authorities. To this end and in compliance with legal provisions, the authorities and institutions involved in the Cyber Defence Centre exchange information on cyber-relevant matters on a daily basis and jointly derive implications for Germany's cyber-security. Resulting measures are coordinated and implemented under the jurisdiction and responsibility of the appropriate authority.