KRITIS: The Critical Infrastructure Growth Spiral

8. August 2023


Critical infrastructures form the foundation of our modern society. They ensure the smooth functioning of a wide range of sectors and are essential for daily life. But how do these key facilities evolve over the years? To answer this question, our expert for IT security of critical infrastructures and KRITIS auditor Vinzent Ratermann sent a request to the German Federal Office for Information Technology (BSI) in June this year asking for information on the number of registered installations of critical infrastructure operators.

Vinzent Ratermann, KRITIS-Auditor, usd AG
Vinzent Ratermann

Significant increase in KRITIS facilities

If we compare this data from 2020 with that from 2022, we quickly see that more and more companies are qualifying as critical infrastructure operators and that the topic of critical infrastructure is thus becoming increasingly important:

Registered facilities of critical infrastructure operators by sector

In each sector, more critical infrastructure operators were registered with the BSI in 2022 than two years earlier. The most significant increase was in the energy (+45%), food (+24%) and information technology and telecommunications (+23%) sectors. This can be attributed not least to the fact that the threshold values specified in the BSI Criticality Ordinance for each type of facility were revised downward in 2021. In the 3rd Ordinance amending the BSI Criticality Ordinance of March 2023, these thresholds have been lowered again. It can therefore be firmly assumed that the number of operators of critical infrastructures or facilities registered with the BSI will increase again.


In an increasingly interconnected and digitized world, the security and reliability of critical facilities are critical. The challenges posed by cyberattacks, natural disasters and other potential threats make a comprehensive protection strategy necessary. We therefore welcome the efforts of companies and public authorities to work together to further strengthen the resilience of critical infrastructures to ensure smooth operations and the protection of our society.

Do you need assistance?

Do you have any questions or need support wih your KRITIS Audit? Contact us, we are happy to help. 

Also interesting:

Setting off for DORA – Your Preparation in 3 Steps

Setting off for DORA – Your Preparation in 3 Steps

DORA, the Digital Operational Resilience Act, is currently keeping the entire European financial sector on tenterhooks. The European Commission's regulation is accompanied by extensive requirements for digital resilience and there is less than a year left to implement...

What Cyber Security Has to Do with Your Annual Financial Statements

What Cyber Security Has to Do with Your Annual Financial Statements

Inadequate cyber security is one of the biggest risks for companies today. This is the assessment of the World Economic Forum, which ranks cyber insecurity as the fourth biggest risk for the next two years in its Global Risks Report 2024. That is why cyber security...