BSI Calls for Better IT Security for Consumers
The BSI (Federal Office for Information Security) has highlighted the need for improved digital consumer protection in its annual report. Gerhard Schabhüser, Vice President of BSI, discussed the increase in phishing attacks with the current media hype and stated that consumers are increasingly affected indirectly, such as through data leakage and payment provider failure. Christiane Rohleder, State Secretary in the Federal Ministry for the Environment and Consumer Protection, emphasised that criminals are taking advantage of people’s emotions through fears of war, financial hardship, and fake charity scams.
Another problem highlighted in the report was fake shops, which exploit people’s needs, especially in the fuel trade. The BSI is currently checking IoT devices and will award an IT security label by the end of 2022 for up to 37 consumer products. The BSI also emphasised the need for a minimum requirement for market access.
The planned EU regulation called the Cyber Resilience Act (CRA) could be a milestone in ensuring the IT security of networked products. The CRA mandates reporting obligations and proof of minimum requirements, which are currently voluntary. The German position on the Cyber Resilience Act has not yet been politically agreed, but Rohleder has advocated for security updates for the lifespan of a product and more consideration for products for children and wearables. The coalition agreement also aims to strengthen official enforcement.
