Cyberagentur evaluates with a high level of expertise
At the end of last year, the Agentur für Innovation in der Cybersicherheit GmbH (Cyberagentur) launched an important research project with the competition “Existential risks from cyber and information space – high security in security-critical and defense-relevant scenarios” (HSK). A multi-million euro contract for the cyber security of critical infrastructure, which entered its second phase in September with three research consortia.
The Cyberagentur has formed an expert jury to evaluate the concepts submitted in the first phase of the competition. It is made up of researchers from the Cyberagentur and two external experts. The external members are Dr. Harald Niggemann, Cyber Security Strategist at the Federal Office for Information Security (BSI) and Lieutenant Colonel Christoph Kühn, Head of Department at the Bundeswehr Cyber Security Center. In an interview with the Cyberagentur, both spoke about the competition, the challenges and the prospects.
Question: How were you selected for jury duty and what is your impression after a year of jury duty?
Dr. Harald Niggemann: The HSK competition deals with a range of topics from all three pillars of cyber security: prevention, detection and response. For the BSI, it was therefore clear from the outset that a broad background of experience in various facets was necessary for this jury activity. As I have been working on strategic aspects and the fundamentals of operational cyber security at the BSI for many years and have also been able to gain jury experience in other projects, I was naturally very happy to take on this task. The first year on the jury was an excellent opportunity for me to take a close look at new research approaches, not only on the basis of the concepts submitted, but also in discussions with the other jury members.
Christoph Kühn: In July 2022, potential jury members were sought for this project. As I am interested in science and research and the project is similar to my current role, I applied. My department at the Bundeswehr Center for Cyber Security (ZCSBw) deals with cyber threats, hazards and risks. The ZCSBw as a whole protects the Bundeswehr’s information and information technology in various aspects.
My superiors supported the commitment, even though we were all aware that additional work and effort would be required. Everything seemed to fit and I was selected.
The work is fun, although a lot of time has to be invested. Especially in the phases in which documents have to be evaluated, I can’t avoid reading and commenting on them in my free time. Sitting in the office for hours on end over several days in order to concentrate on reading is simply not possible as head of department in an operational area.
The Cyberagentur team integrates us two externals very well and you can tell that our opinion is valued. That’s why I’m happy to spend the time.
Question: What do you see as the significance of the current competition? What do you hope to gain from the competition?
Dr. Harald Niggemann: Cyber attacks are constantly evolving, both technologically and in terms of the methods used. They affect all areas of society, especially critical infrastructures, i.e. services that are particularly important for supplying the population. Without innovative approaches based on scientific findings, we will not be able to adequately counter these threats in the future. To do this, we need the entire chain from basic research to the development of marketable products. The HSK competition is an important contribution to this, as it enables the commissioning of outstanding research projects that leave the beaten track.
Christoph Kühn: The Cyberagentur promotes high-risk research with this project. I don’t believe that companies and start-ups in particular, but also universities that rely on third-party funding, would be able to conduct such intensive research into these topics without the Cyberagentur’s project funding. This is precisely why the Cyberagentur was founded: to ensure Germany’s sovereignty in cyber security and its key technologies.
We will not be able to use the research results immediately. But when we look at the duration of armaments projects, it becomes clear that we have to look far into the future in order to make them safe from the design stage. Even if the Bundeswehr is not defined as critical infrastructure, the operational capability of the Bundeswehr is essential for Germany.
Question: What are the issues facing the future cyber security of critical infrastructure?
Christoph Kühn: Our world is characterized by complexity and networking. This inevitably leads to systems offering attack surfaces that cannot always be adequately protected with today’s resources and available specialist personnel. This is why we need processes and tools that help us to prevent, detect and respond to attacks in cyber and information space (CIR). Of course, artificial intelligence always plays an important role here. After all, we have to assume that attackers also use these methods. I really like the fact that all the remaining consortia are not just looking at individual aspects, but have chosen a holistic approach.
Dr. Harald Niggemann: I would like to highlight two aspects that I believe are particularly important. The first is the need for automation. Cyber attacks often affect many systems at the same time and often require very rapid action to limit the potential damage. Manual intervention is becoming less and less practicable for this. The second aspect is security throughout the supply chain. In recent years, the main focus has been on secure operations for users of information technology. However, we will only be able to guarantee adequate cyber security if we take this into account from the outset when developing components and supplier components.
Question: You both work in a more operational role. What impression have you gained from the academic side and are there any insights (of a technical or procedural nature) that you can apply to your work?
Dr. Harald Niggemann: The BSI’s working methods and services, including in the area of operational cyber security, are based on scientific findings. The continuous exchange with university and non-university research institutions is therefore an essential foundation of our work. In my view, the particular added value of the HSK competition lies in the risk. In this competition, the Cyberagentur expects applicants to be willing to look for new solutions outside of the familiar approaches, even if this makes the course of the project less predictable. I have already been able to learn numerous ideas from the evaluated concepts and the main results are still to come.
Christoph Kühn: I was wonderfully received and my opinion is valued, even though I’m the only one on the jury without a doctorate (laughs). The mix of academic and operational staff on the jury makes it possible to evaluate projects in a differentiated way. Even though I work in operations, my position as head of department means that I often have to record documents and content, identify focal points and key messages, evaluate them and draw conclusions. This is not far removed from academic work.
It was interesting for me to see the different approaches of the competitors and their view of the overall problem. This opened up new connections for me that I probably wouldn’t have seen otherwise. I have already benefited from this in other working groups, but also in my day-to-day work.
Groups often develop their own jargon over the years. This is even proverbial for the Bundeswehr and its abbreviations. Here, too, I had to get used to understanding other people’s technical terms and holding back with my own. This is another soft skill that I was able to improve.
How do your organizations benefit from your work as a jury member?
Dr. Harald Niggemann: On the one hand, jury membership is another opportunity for the BSI to contribute its experience in prevention, detection and mitigation to the research landscape. This applies, for example, to the practical work of the National IT Situation Center and the Computer Emergency Response Team Bund (CERT-Bund), both of which are based at the BSI. However, the reverse flow of information is just as important to the BSI. As already mentioned, cyber security is dependent on new impetus from research and science.
Christoph Kühn: Unfortunately, there are currently no staff with extensive military experience working permanently at the Cyberagentur. With me as part of the external jury team, existing expertise will be expanded to include the military defense perspective and the project groups applying will be asked to think about this as well.
In particular, I have found that direct discussions at workshops on site or in longer web conferences improve collaboration and mutual understanding. In professional dialog or in side conversations, you suddenly come across things that would not have been discussed in a written comment or email. This also brings up topics that are relevant to other projects or clarify the general military view. That’s why I think the cost of being present on site is more than justified.
What advice would you give to future jury members?
Christoph Kühn: Look forward to the work and the experience and enter the academic world in a relaxed and relaxed manner. But this is not a task that can be completed in just a few short meetings. So far, I have invested over 20 working days and the project will run for another three years. It’s certainly worth the effort, but you have to be able to find the time in your own schedule and task portfolio.
Dr. Harald Niggemann: As a jury member, I have set myself the aim of drawing on my experience in the field of cyber security when evaluating the submissions, of course, but also being prepared to question the established solutions. In order to arrive at the most objective assessments possible, I must be able to engage with new approaches, provided they are well-founded, plausible and promising.
Further information: https://www.cyberagentur.de/hsk/