79. Enabling Cyber Sovereignty: with Knowledge, Not with National Products

The term “Cyber Sovereignty” has been tossed around panels (See for example the International Cybersecurity Conference 2016 in Munich, Panel: Digital Sovereignty – the Right Concept for Securing Europe’s Industry?), newspaper articles, and blogs for quite some time. However, a practical solution to reach a state of sovereignty in the field of implementing fitting and trustworthy cyber tools and products in one’s company is still missing. We have come to the conclusion that the idea of cyber sovereignty – undoubtedly charming and worthwhile – cannot be pursued with the usual military and national approach but must be addressed using a community of users and experts. Combining the concepts of digital user communities and cyber sovereignty led several German DAX companies to found the Deutsche Cyber Sicherheitsorganisation (German Cyber Security Organization) – DCSO in 2015 where the authors implemented the idea of a “Product Evaluation and Integration” Service (PEI). This PEI Service enables the founding members and DCSO customers to execute cyber sovereignty through testing, evaluating, and prototyping state of the art and future cyber security products, services, and vendors.

This article will elaborate on the main idea behind the foundation of the DCSO and go into detail of how valuable the PEI service has become for the security measures of German DAX companies. It will give concrete examples of the implementation and encourages similar initiatives for other problems like cyber security.