Task and objectives of the IT Crisis Reaction Centre
Similar to the IT Situation Centre the IT Crisis Reaction Centre was also created in accordance with the "National Plan for Information Infrastructure Protection" (NPSI). Based on the goal to resolve disruptions of the information infrastructure quickly and effectively, the IT Crisis Reaction Centre needs to
- ensure immediate responses to serious incidents in order to
- allow timely countermeasures and avoid large-scale damage.
For this purpose, IT security incidents are analysed, evaluated and forwarded to relevant entities. In addition, the IT Crisis Reaction Centre coordinates the cooperation with vendors, effected company's crisis management entities as well as industry SPOCs (Single Points of Contact). In the event of a crisis that eventually exceeds local responsibilities with implications for large parts of the Federal Administration, the necessary counter-measures are coordinated by a committee that consists of the relevant departments. The committee is invoked by the IT Crisis Reaction Centre.
In order to fulfill its mandate, an organisation was established that can be extended not only in paticular phases - depending on the crisis situation - but that can also consult other experts in the event of an alarm. In the wake of a crisis the 24/7 emergency service alerts the task forces and deploys them according to the needs of the situation. Appropriate facilities for the centre's work as well as necessary technical infrastructure such as uninterrupted power supply, emergency telephone and video conference facilities have been set up. At the same time redundant communication paths such as separate phone systems, mobiles, and satellite communication are available. Regular operations and trainings contribute to the continuous improvement of the staff's skills and organisation.