Up to now, when TÜV inspects an industrial facility, data protection and cyber security have hardly ever been a test criterion. That has been a complaint of the responsible persons in their comment to the Facility Safety Report 2018 . "In addition to safety valves and boiler walls, algorithms, digital interfaces and the security of data also has to be independently tested in the future," says Joachim Bühler , Managing Director of the TÜV Association. However, this requires that the auditors have access to the latest diagnostic data and software versions of the safety and emission-related systems. To do this, lawmakers have to modify legislation. The facility safety report evaluates the legal basis of the tests that were carried out in 2017 by the approved inspection bodies.
Digital risks are one of the biggest threats in German companies, according to a survey by the digital association Bitkom . Only four out of ten companies in total are prepared for cyber-attacks; even among the operators of critical infrastructures (energy providers, financial service providers, etc.), hardly more than the half has a contingency plan. According to the experts, such a plan should establish immediate emergency measures to be taken when, for example, production is paralyzed due to digital attacks, important websites such as online services or online shops are not accessible, or there is an outflow of sensitive corporate data.