How did our tool for “get situational awareness by asking the constituency questions” perform during the KSÖ exercise last week?

Not just the seasons, or my attempts to appear in the office in an outfit other than holey conference shirts, shorts and Birkenstock slippers that are cyclical. The desire of politicians for a "government trojan" or surveillance of digital communication seemingly follows a constant rhythm as well - and apparently it's that time again. Federal Chancellor Karl Nehammer is making the surveillance of digital communication a fixed condition for a future political coalition.

Back in January 2024, I was asked by the Belgian EU Presidency to moderate a panel during their high-level conference on cyber security in Brussels. The topic was the relationship between cyber security and law enforcement: how do CSIRTs and the police / public prosecutors cooperate, what works here and where are the fault lines in this collaboration. As the moderator, I wasn’t in the position to really present my own view on some of the issues, so I’m using this blogpost to document my thinking regarding the CSIRT/LE division of labour. From that starting point, this text kind of turned into a rant on what’s wrong with IT Security.

As a national CERT, one of our extremely important tasks is to proactively inform network operators about potential or confirmed security issues that could affect Austrian companies. Initially, I intended to discuss the technical changes in our systems, but I believe it's better to start by explaining what we actually do and how we help you sleep well at night — though you should never rely solely on us!