Remit and tasks
The remit and tasks of GovCERT Austria are derived from several documents.
Initially, this was the 2013 Austrian National Cyber Security Strategy (ANCSS). Within this Strategy‘s framework, and for the first time in Austria, a proactive concept was developed to protect cyberspace and individuals in virtual space while ensuring their human rights. One constituent of this concept was the expansion and strengthening of the role of GovCERT Austria, which is operated by the Federal Chancellery. The dynamically developing challenges of cyberspace made it necessary to update the Strategy.
The federal government adopted the new Austrian Cybersecurity Strategy in 2021, an enhanced, comprehensive and proactive concept for the protection of cyberspace and individuals in virtual space. The Strategy lays out the strategic framework for a national cyber security policy as well as for the long-term establishment of a secure cyberspace as a contribution to increased resilience of both Austria and the European Union through a whole-of-nation approach.
GovCERT was put on a sound legal footing in 2018 with the implementation of the first EU NIS Directive in the Federal Act to Ensure a High Level of Security of Network and Information Systems (Network and Information Systems Security Act – NIS Act). Sections 14 and 15 set out the tasks of, and requirements for, Computer Emergency Response Teams, as CERTs are referred to in the Act. GovCERT Austria RFC 2350, the document derived therefrom, describes the structure, interfaces and services of GovCERT Austria in a standardised form. Primarily, this communicates to other security teams what they can expect from GovCERT Austria.
Essentially, the GovCERT Austria Rules of Procedure clarify the participation in active information exchange as well as in GovCERT Austria meetings:
GovCERT Austria Geschäftsordnung (PDF, 92 KB)