“Achieving digital sovereignty faster”

The threat situation in cyberspace remains tense and continues to grow in quality and quantity in the context of geopolitical power shifts and hybrid attacks. Cyber aggression has massive impacts on the state, economy, science, and society, thus affecting our prosperity as well as our security. At the same time, new technologies like artificial intelligence (AI) are emerging, offering many opportunities but also presenting new challenges—especially in cybersecurity.

In handling technologies and digital products, a dual strategy is needed to prepare for the future: We must strengthen the European market and domestic digital industry while adapting or embedding non-European products as necessary—aiming to use them securely and autonomously. This is only possible through close cooperation among the state, economy, science, and society.

By Claudia Plattner and Florian Seiller

Cloud computing, artificial intelligence (AI), quantum technologies, and mobile standards 5G/6G are key technologies and essential drivers of digitalization. They are transforming our world at tremendous speed, enabling unprecedented innovation for state, economy, science, and society, thus forming the basis of our prosperity and competitiveness. They are indispensable to our economy and increasingly permeate everyday life, from smartphones, tablets, wearables, electric vehicles, smart homes, social media presence, to cloud storage of personal data. Yet we are only at the beginning of profound developments: smart factories, smart cities, eGovernment, automated and connected mobility, eHealth, and New Space may soon become reality. The 2030s might usher in the next megatrend: quantum technologies promising leaps in computing power, communication, sensing, and simulation. Moreover, the number of connected devices is expected to surge to over 39 billion globally by 2033—more than four devices per person.

The cyber threat landscape

To successfully shape digitalization, massive effort and acceleration are required in state modernization, research, market transfer, legislation, and standards, especially if we want to compete in the digital top league and lead in future technologies. Current geopolitical developments confronting the West sharpen our awareness of the inseparability of digitalization and security and the necessity of addressing both jointly as two sides of the same coin.

Particularly in cyberspace, what we call cyber aggression is felt profoundly. It is becoming a central battlefield for hybrid attacks (cyber conflict), a hotspot for criminals (cybercrime), and a sphere of technological dependencies (cyber dominance). Digital espionage, sabotage, disinformation, and propaganda have massively intensified over years, executable from almost anywhere in protected environments far from targets. Attribution is difficult as actors easily mask identities online. The damage caused—both virtual and physical—can be significant. For instance, cyberattacks on a European airport service provider in September 2025 severely disrupted air traffic. Or recall wind turbine disruption due to a satellite network attack in the context of the Ukraine war (2022). Persistent ransomware attacks targeting municipalities or their IT service providers disrupt or paralyze administration. Not only critical infrastructures but also democratic institutions—parliaments, parties, politicians, ministries, authorities, foundations, think tanks, and NGOs—face continuous digital fire aimed at shaking trust in state protection and democracy. A particularly insidious tactic is leaking stolen or manipulated data to discredit victims. Elections, a democracy’s core element, have also been targeted by foreign actors—with Germany’s vigilance keeping substantial success at bay. Many such attacks originate from state or state-affiliated actors such as intelligence services or APT groups with significant financial, technological, and personnel resources.

“Digitalization and security are inextricably linked. It is essential to think of both together.”

Cybercriminals operate sprawling, specialized ecosystems making substantial profits, especially via ransomware. Daily, around 300,000 malware variants appear. Boundaries between cyber conflict and cybercrime are increasingly blurred. The damages from cyberattacks to the German economy are immense: estimates for 2025 are about €202.4 billion, nearly €23 billion more than last year. For comparison, the 2025 federal budget is around €502.5 billion. IT outages from technical problems can also cause massive losses, such as the billions lost in 2024 due to a faulty update of Crowdstrike Falcon security software.

Analogously, Germany experiences continuous espionage and sabotage on land, water, and air, such as drone overflights, arson attacks, airspace provocations, or shadow fleets. Chancellor Friedrich Merz summarized this starkly: “We are not at war, but we are no longer living in peace” (Schwarz Ecosystem Summit, 26.09.2025).

Threat trends in cyberspace exemplified by artificial intelligence

Technological advances significantly shape security and defense policies. Dual-use technology AI is especially powerful, transforming social media, work, research, entertainment, and medicine. However, new technologies can also be misused. Foreign powers, criminals, and politically motivated hackers use innovative technologies to bypass IT defenses and increase digital offensive power. Already, attackers use AI-based methods on IT systems and infrastructure. AI-assisted attack tools speed vulnerability detection and exploitation, evade defenses, deploy malware via tailored social engineering (e.g., almost perfectly personalized phishing emails), or create malicious code—all without deep technical know-how. The darknet offers wide “shopping” options payable in cryptocurrency. AI might even support ransomware payments in cryptocurrency. The German Federal Office for Information Security (BSI) strongly advises against ransom payment. AI also amplifies Distributed Denial-of-Service (DDoS) attacks which temporarily disable web servers via overload. Particularly worrying is generative AI enabling automated attacks.

AI is heavily used for creating deepfakes and spreading disinformation, especially around elections, political campaigns, or to damage reputations. Expert knowledge is not always necessary—faces, voices, texts, and photos can be convincingly faked and misused criminally or politically. Experts increasingly struggle to distinguish real from fake due to rapid AI progress. Transparency is key, involving detection and digital “watermarks” to reliably verify content and provenance and identify AI-generated material. Authenticity confirmation from senders is needed—for example, a chancellor’s video should bear the federal chancellor’s office’s signature, while the Vatican would unlikely sign a photo of the pope in a Gucci coat.

Manipulation risk also comes from tampering AI systems by inputting distorted data to extract sensitive information or manipulate IT systems. In sum: AI models, especially large language models (LLMs), make future attacks faster, cheaper, and accessible to less technical hackers. AI’s military significance is evident in the Russian aggression on Ukraine. Autonomous AI hacking tools that independently compromise IT infrastructures do not yet exist, but LLM-based agents automating parts of attacks are deployed by foreign actors. The future will see attacks involving AI and against AI, cloud infrastructures, autonomous systems, or cryptography (e.g., quantum computing). We face a permanent and accelerating race between attackers and defenders.

The good news: new technologies do not only pose uncertainties but also many new opportunities—also for IT security. AI can help detect cyber threats and vulnerabilities faster (prevention), detect anomalies in data traffic (detection), intelligently analyze huge data sets, and automate defensive measures (response).

At the National IT Situation Centre, the operational cyber defense core at BSI, AI is already in use. However, only one in ten companies currently uses AI for cyber defense, so there is significant room for growth. Saarbrücken, a real AI hotspot, houses BSI’s AI expertise, intensively addressing AI and security questions, including digital consumer protection. In summer 2025, BSI published a checklist for AI systems in finance to systematically assess security, transparency, traceability, and fairness.

Technological dependencies exemplified by AI

Europeans’ vulnerabilities stem not only from direct attacks with new technologies but also from longstanding technological dependencies—digital products, quantum computing, 5G components, hardware, clouds, semiconductors. This is noticeable in administration, economy, and research. Surveys show that dependencies on the USA and China are perceived as largest in Germany. International crises and geopolitical tensions—sometimes fought with tariff and trade policy instruments, causing global trade conflicts—directly impact supply chains and can lead to influence via digital product manufacturers accessing data and services. Examples include solar inverter or router manufacturers from states where official bodies exert extensive control and manufacturers are obliged to full cooperation. Sabotage risks, such as in conflict scenarios, are also present. Such influence possibilities (cyber dominance) risk supply security, economy, and general security.

“The USA and China have significant market power.”

In AI, besides manufacturer access, market concentration causes technological dependency. The USA and China dominate, controlling availability of advanced generative AI models and necessary cloud infrastructures. Powerful AI models are usually licensed restrictively or cloud-hosted. Few large US and Chinese firms dominate training and hosting. Hardware is often overlooked: powerful AI systems demand specific, high-performance chips (GPUs, dedicated AI chips) developed and produced by few global companies in specific regions. This creates tangible supply risks and uncertainties. Additionally, dependency on quality training data with unverifiable validity exists.

Measures to strengthen digital sovereignty

As Germany’s cybersecurity authority, BSI believes states must ensure digital key technologies are available and securely usable to successfully and safely advance digitalization, mitigate risks, and reduce dependencies—especially amid hybrid threats and geopolitical rivalries. Our view: a dual strategy is needed:

First, strengthen the European market and domestic digital industry and accelerate digital sovereignty. Large foreign Big Tech companies still have significant lead in some areas; a full and sudden switch to national and European digital solutions is currently impossible. Since alternatives to foreign suppliers in AI are currently limited, European AI promotion must be intensified. Cybersecurity must be considered from the start (security by design).

Fortunately, numerous promising national and European approaches, initiatives, and products now exist in cloud and AI. Germany and Europe must catch up. We must invest more in German and European programs and better foster market readiness of domestic developers and manufacturers to produce internationally competitive products. Often, the hurdle is not fundamental research but market entry. This applies to cybersecurity products as well. Building a cyber market concretely benefits our cybersecurity and is a pillar of BSI’s strategy toward a cyber nation.

“We must invest more strongly in German and European programs.”

Second, adapt or embed international products technically as needed for secure and autonomous use and reliable prevention of undesired data leaks. European norms, standards, and security requirements must guide manufacturers and providers. Core is implementing technical control layers in products and services to better secure technologies and reduce dependencies. Yet extensive research and development effort is required. Securing products also requires close collaboration with manufacturers and open source communities nationally, across Europe, and internationally—practiced by BSI already.

The more trustworthy products available, the more sovereign decisions and secure digitalization become. It is about assessing and mastering technologies. Without this ability, we cannot master digitalization or cybersecurity. Assessing security properties and deriving requirements for products and services is a core BSI task. Close exchange with international partners, especially transatlantic, is indispensable.

This is why we also value dialogue at Atlantik-Brücke: it provides a forum for exchange among state, economic, and societal representatives on both sides of the Atlantic, strengthens mutual trust, and brings the transatlantic value community to life amid massive security threats. We look forward to continued exchange and jointly shaping cybersecurity in the future!

About the authors: Claudia Plattner is President of the Federal Office for Information Security (BSI), Dr. Florian Seiller works in Department K24 – Strategies and New Approaches to Information Security (BSI).

[Disclaimer: This text was originally written in German. The English translation was produced with the help of AI.]