A decisive step towards greater cyber security

The German government has reached a far-reaching agreement regarding the debt brake - with a surprising twist for IT security. The financial package stipulates that expenditure on IT security will no longer count towards the debt brake if it exceeds 1 percent of gross domestic product. This could mean the end of a long battle for more funding to protect against digital threats.

More money for cyber security - but is it enough?

The budget for IT security has often been an uncertain item in the past. Despite repeated promises, funding has been cut in many years, and the Federal Office for Information Security (BSI) and other relevant institutions have repeatedly come under pressure to tackle increasingly complex threats with too few resources. This is now set to change. From 2025, more funds could be available for cyber security - specifically for expanding infrastructure and improving the ability to respond to cyber attacks.

But how much money will actually flow? The agreement between the CDU/CSU, SPD and the Greens stipulates that expenditure amounting to more than 1 percent of GDP will no longer be affected by the debt brake. While this is basically a relief for IT security, the exact amount of additional funding remains unclear. It remains to be seen whether these changes will actually lead to sufficient funding or whether IT security will once again come under fire in future budget negotiations.

A security package for the future?

The planned regulation not only includes IT security, but also considerable funding for the German armed forces, disaster and civil protection and intelligence services. This could help to ensure that more investment is made in these areas in future in order to guarantee national security. A significant increase is needed in the digital sector in particular. Cyber attacks on companies, authorities and critical infrastructures are on the rise, and Germany is competing internationally for the best protective measures.

The agreement also includes the establishment of a special fund of 500 billion euros to be invested in infrastructure over 12 years. In this context, IT security is seen as part of a larger puzzle that is becoming increasingly important in an increasingly networked world. But here, too, there is a key question: are these funds actually being invested in digital defense in a targeted manner or are they being wasted in other areas?

Is IT security really getting stronger or will it remain a paper tiger?

The question that now arises is whether this agreement will be sufficient in the long term to raise IT security to a sustainable level. Yes, more money is a step in the right direction, but there is a lack of concrete strategies and clear priorities. The debate about the debt brake and the special fund must not just be an exercise in financial policy - it must also reflect the actual security needs of the digital world. It remains to be hoped that the planned funds will actually end up where they are needed and that IT security will not once again become a "cut item" in the budget.