Faissal Wardak

Awareness is an elementary security measure in the everyday use of IT systems and, alongside software security, is a pillar of the security of data that is repeatedly targeted by hackers, as was recently the case with the Hessian IT service provider Count and Care [1] . 
Ultimately, IT security is only as good as the person operating the system. This leads to the logical consequence of generating a certain level of problem awareness among all employees with regard to this issue. Building on this, a change in behavior towards secure digital handling can be achieved, which then represents a stable foundation for data sovereignty.

However, the rhetoric of “people as a security gap” is met with a broad response, which can have a destructive effect. The Federal Office for Information Technology therefore places people in the position of a defensive shield and recommends a series of awareness programs [2] .  

In addition, large stores such as Douglas, Kaufhof, etc. use software programs that are intended to sensitize employees to cybersecurity in a playful way, given that the ability to learn is greater in this way than from a trivial lecture by an IT expert.

The Committee should decide

The magistrate is asked to answer the following questions:

  1. Does the LHW have a current awareness method for municipal companies or their employees? If so, what does it look like? Are software programs used and if so, which ones?
  2. Does the magistrate know whether the LHW has been the victim of a successful cyberattack since the last legislative period? If so, what was the nature of the attack and how did the LHW respond to it?
  3. If there is currently no adequate awareness method/software to sensitize employees, the magistrate is asked to develop one and present it to the committee.

[1]  https://www.sueddeutsche.de/panorama/kritikitaet-wiesbaden-cyberattack-auf-it-firma-mit-erpressungstreff-dpa.urn-newsml-dpa-com-20090101-220614-99-659979

[2] https://www.bsi.bund.de/DE/Themen/unternehmen-und-Organisationen/Informationen-und-Empommenungen/Empkommenungen-nach-Attackszielen/Factor-Mensch/Awareness/awareness_node.html

Scroll to Top