German Companies Lagging in Cybersecurity Registration with BSI

Berlin (dpa) – As of February 2026, fewer than one in six companies in Germany considered critical infrastructure have fulfilled their obligation to register with the Federal Office for Information Security (BSI), according to a response from the federal government to a parliamentary inquiry.^[1] This indicates a significant gap in compliance with national cybersecurity regulations.

Current Registration Status

The BSI has, as of February 6, 2026, received registrations from 4,856 companies.^[1] However, this number falls short of the approximately 29,500 companies identified as critical infrastructure operators subject to the requirements of the BSI Act. The shortfall highlights challenges in ensuring comprehensive cybersecurity preparedness across vital sectors.

Growing Cybersecurity Threats

The BSI has identified emerging threats, including those posed by drones.^[1] A recent working paper analyzes key threats emanating from drones and their payloads, aiming to aid companies and organizations prepare for these new security risks. The increasing use of Artificial Intelligence (AI) is also being scrutinized for its potential impact on democratic discourse and opinions, as discussed at the Munich Security Conference by Claudia Plattner.^[1]

BSI’s Role and Focus Areas

Founded in 1991, the Federal Office for Information Security (BSI) is Germany’s national cybersecurity authority.^[2] It manages computer and communication security for the German government, focusing on areas such as IT security threat monitoring, critical infrastructure protection, internet security, cryptography, and security product certification.^[2] As of 2024, the BSI employs over 1,700 people.^[2] Claudia Plattner has been the President of the BSI since July 1, 2023, succeeding Arne Schönbohm.^[2]

Digitalization and Cybersecurity in Healthcare

The BSI emphasizes the importance of information security in the context of increasing digitalization within the healthcare sector. Digitalization offers benefits to patients, doctors, hospitals, and health insurance companies, but these benefits are contingent upon robust cybersecurity measures.^[1]

Cooperation and Future Initiatives

The BSI is actively involved in international collaborations, serving as the single point of contact for the national coordination centre in Germany within the European Cybersecurity Competence Centre (ECCC).^[3] the BSI is collaborating with the Schwarz Digits group to develop sovereign cloud solutions for public administration in Germany.^[2]

Key Takeaways

• A significant number of critical infrastructure companies in Germany have not yet registered with the BSI as required.
• The BSI is actively addressing emerging cybersecurity threats, including those related to drones and AI.
• Digitalization in sectors like healthcare requires a strong focus on information security.
• The BSI is collaborating internationally and domestically to enhance cybersecurity capabilities.

The ongoing efforts of the BSI are crucial for strengthening Germany’s cybersecurity posture in an increasingly complex threat landscape. Continued focus on registration compliance, proactive threat analysis, and collaborative initiatives will be essential to protect critical infrastructure and ensure a secure digital future.

^[1] BSI – Federal Office for Information Security

^[2] Federal Office for Information Security – Wikipedia

^[3] Federal Office for Information Security (BSI) – Germany