Information technology (IT) has become an integral part of our modern life.
IT enables everyday activities and governments, critical infrastructures and the broader economy are highly dependent on it. Therefore, confidentiality, integrity and availability of IT has become a necessity and precondition for our modern and interconnected world to run smoothly.
When the World Health Organization (WHO) assessed on 11 March 20201 that COVID-19, the infectious disease caused by the Coronavirus SARS-CoV-22, could be characterized as a pandemic, this also caused major impacts on the national and international IT security situation.It is against this background that the French National Cybersecurity Agency (ANSSI) and the German Federal Office for Information Security (BSI) took proactive actions towards their constituents to limit the risk and potential negative consequences both during and after the COVID19 pandemic. Even if the IT security threat landscape is ever evolving, those actions were and are still driven by the basic principles of cybersecurity: ensure confidentiality, integrity and availability of an IT infrastructure. Those principles are complemented by wider information assurance measures like robust risk analysis, awareness raising campaigns, adhoc communications and normative productions.
In this third edition of the Common Situational Picture (CSP) the focus lies on the different actions undertaken by ANSSI and BSI in the context of COVID-19. To do so, the following report goes through the impact that the COVID-19 pandemic may have had across healthcare, government and civil society, and the response measures, which were taken to cope with it. In order to reflect the different approaches, respective risks foreseen and to allow for a comparative approach, each agency presents its view separately. At the end, ANSSI and BSI will draw a common outlook on the IT security situation at hand.