In 2016 Germany's government presented its third cybersecurity strategy which aims to
strengthen the national cyber defence architecture cooperation between the state and industry
and individual users' agency. For many years Germany has followed adopted a preventive and
engineering approach to cybersecurity which emphasizes technological control of security
threats in cyberspace over political diplomatic and military approaches. Accordingly the
technically oriented Federal Office for Information Security (BSI) has played a leading role in
Germany's national cybersecurity architecture. Only in 2016 did the military expand and
reorganize its cyber defence capabilities. Moreover cybersecurity is inextricably linked to
data protection which is particularly emphasised in Germany and has gained high public
attention since Edward Snowden's revelations. On the basis of official documents and their
insights from many years of experience in cybersecurity policy the two authors describe cyber
security in Germany in the light of these German peculiarities. They explain the public
perception of cybersecurity its strong link with data protection in Germany the evolution of
Germany's cybersecurity strategies and the current organisation of cybersecurity across the
government and industry. The Brief takes stock of past developments and works out the present
and future gaps and priorities in Germany's cybersecurity policy and strategy which will be
decisive for Germany's political role in Europe and beyond. This includes the cybersecurity
priorities formulated by the current German government which took office in the spring of 2018.
