Information Security

Information is of essential value for the three pillars of KIT: research, teaching and innovation.

Digitalization is increasingly permeating and networking research, teaching, innovation and administration.

Theaim of information security is to adequately protect an organization's information. The basic values of information security are

Confidentiality: Confidential information is protected from unauthorized disclosure.
Integrity: Information is complete and unchanged.
Availability: Processes, IT services or information are available at the required time.

The current starting position is characterized by the expansion of the consideration from a narrower IT security concept to a broader, science-adequate information security concept as well as by the review and adaptation of processes with regard to the requirements of the General Data Protection Regulation (GDPR).

IT security management was established starting with the adoption of the IT security guideline in 2009. A continuously developed IT security concept describes fifteen basic procedures for achieving KIT's IT security goals. In the transformation from an IT security management system to an information security management system, the initial focus will be on the design and implementation of its governance.

In order to establish an effective and up-to-date framework for the design and implementation of IT, the Executive Board of KIT adopted the IT governance framework in December 2017 and appointed an Chief Information Security Officer (CISO) as the central point of contact for information security. The ISB is independent of the organizational units in the Digital Office and is responsible for the organization of information security management.

The outstanding importance of IT for KIT means that the cross-cutting issues of information security and data protection are given high priority. The "information" area of need identified by KIT as relevant to society obliges it to handle information in an exemplary manner with regard to information security and data protection. The ISB and the Data Protection Officer (DPO) work together on a basis of trust.

The operational IT security of the Scientific Computing Center (SCC) and the Computer Emergency Response Team (KIT-CERT) support the ISB.

Overarching issues relating to information security, data protection and legal compliance are dealt with in the Working Group for Information Security, Data Protection and Law (ASDuR).

Further information:

Digitalization Governance Framework of the KIT
Circular no. 12/2019: Appointment of the Information Security Officer of KIT
Recommendation "Information security as a strategic task of university management" of the German Rectors' Conference

Contact

Philipp Bunten
Chief Information Security Officer (CISO)

+49 721 608-41035philipp bunten ∂does-not-exist.kit edu20511.40 Campus Süd