The Wheel of Motion from BSI describes sustainable cybersecurity as a permanent task for government, business, and public administration. The Cyberdome, the structural update of the NCAZ, and the standardized sovereignty criteria for cloud services are presented as operational tools.
BSI’s Wheel of Motion aims to make cyber resilience a permanent operating model
With the BSI’s Wheel of Motion, Claudia Plattner presented a strategic model on March 6, 2026, that describes cybersecurity not as a series of isolated crises, but as a permanent operational task. Unlike traditional security updates on vulnerabilities, attack campaigns, or patches, the paper does not focus on the next individual incident, but on the question of how Germany and Europe can safeguard their long-term digital capacity to act.
BSI’s Wheel of Motion formulates an ambition that is equally relevant for security leaders in companies, government agencies, and critical infrastructure organizations: cybersecurity should no longer be organized mainly as a reactive function. Instead of introducing new isolated measures after every incident, protection should become systematic, scalable, and sustainably effective. At its core, the concept is about a security architecture that brings together detection, defense, control, and digital sovereignty, turning them into a resilient operating model.
From Wheel of Distortion to Wheel of Motion
To properly understand the initiative, it is worth looking at the Wheel of Distortion, which the BSI published on February 13, 2026. That earlier model described the digital world as a space of growing distortions: geopolitical tensions, technological power shifts, new dependencies, and a security environment in which digitalization has long become a strategic dimension. BSI’s Wheel of Motion is the logical follow-up. If the Wheel of Distortion diagnoses the situation, the Wheel of Motion is intended to organize the response. Systematically, the emphasis shifts from describing disruption to building a preventive resilience strategy.
Here, the BSI is attempting to create a framework for modern cyber resilience. This framework is based on the assumption that security in the digital domain cannot be achieved through regulation alone, nor through technology alone. It only becomes sustainable when political priorities, operational capabilities, vendor responsibility, sovereignty, and cross-agency coordination are aligned. BSI’s Wheel of Motion should therefore be read as a governance model. It explains why cyber resilience today is about far more than incident response, and why digital success is no longer conceivable without continuous security capability.
BSI’s Wheel of Motion takes sustainable cybersecurity to a new level
In substance, the BSI structures its initiative around three directions that can be understood as:
- Cyber Automation,
- Cyber Defense, and
- Cyber Control.
The logic behind this is clear. First, protection and response processes are to become more automated, because traditional manual procedures are increasingly unable to keep pace with the dynamics of modern threats. Second, the state needs robust defense and response capabilities that go beyond isolated situational awareness. Third, digital control becomes a prerequisite for resilience, because dependencies on platforms, infrastructures, and cloud architectures have long become part of the security problem.
For Germany and Europe, this marks a relevant shift in perspective. Sustainable cybersecurity should therefore not be described as a cost center, but as a prerequisite for state stability, economic resilience, and digital competitiveness. This approach fits into a period in which security issues are closely tied to sovereignty, supply chains, cloud dependencies, and regulatory enforcement. BSI’s Wheel of Motion is intended to bring these levels together. Its strength lies in the way it defines resilience as a permanent function of the digital domain. Its vulnerability, like that of any strategic model, remains the depth of implementation. This is where operational tools become decisive.
Operational tools in BSI’s Wheel of Motion
The strategic model also presents operational approaches, making clear that the initiative should not be seen merely as a guiding concept, but as a framework for concrete implementation. The Cyberdome, the announced update for the National Cyber Response Centre, and the planned sovereignty criteria for cloud services represent three different levels of the same strategy: technical defense, institutional coordination, and manageable digital dependencies.
Cyberdome as a tool for early detection and automated defense
As early as February, the BSI emphasized the need to industrialize cybersecurity more strongly and to bring together capabilities, resources, and expertise under its umbrella into a digital protective shield for Germany in the areas of situational monitoring, threat intelligence, incident handling, and critical infrastructure protection. In BSI’s Wheel of Motion, the Cyberdome now appears not as an isolated project, but as a practical lever for Cyber Automation and Cyber Defense.
The direction is clear: anomalies are to be detected earlier, attacks analyzed faster, and responses increasingly automated. In practice, this would amount to a substantial transformation, because such a protective shield requires shared data foundations, standardized interfaces, reliable decision-making processes, and clear legal boundaries for automated interventions. Not all architectural details have yet been made public.
The NCAZ update as a tool for stronger inter-agency coordination
A second instrument lies at the organizational level. The BSI has announced a structural update for the National Cyber Response Centre. The NCAZ traces back to a cabinet decision of February 23, 2011, and was officially inaugurated on June 16, 2011; in 2026, it is therefore entering its fifteenth year. If the BSI now says it wants to make this alliance of security authorities more effective in the coming months, that is systemically consistent.
In its logic, BSI’s Wheel of Motion requires not only technical capabilities, but also a coordinated government architecture that consolidates situational awareness more quickly, sets priorities more clearly, and makes response chains more robust. What remains open, however, is how far-reaching this restructuring will be.
Sovereignty criteria as a tool for resilient cloud decisions
The third instrument may appear more technocratic at first glance, but it could prove especially consequential for the market and for public administration. Later this year, the BSI intends to publish standardized sovereignty criteria for cloud services. Within BSI’s Wheel of Motion, such criteria take on a strategic function. They are meant to make digital sovereignty more measurable by improving comparability, controllability, and resilient procurement decisions.
For government bodies and regulated companies, this would be an operational tool for assessing cloud offerings not only in terms of security and compliance, but also in terms of dependencies, switching options, and crisis resilience. This shifts the perspective: cloud security is no longer treated solely as a technical or regulatory issue, but as a component of strategic freedom to act. That fits squarely into the core logic of BSI’s Wheel of Motion, which explicitly links resilience with control over critical digital infrastructures.
*Source of the graphic element “Wheel of Motion” incorporated into the cover image: BSI.
