Elementary Threat · BSI IT-Grundschutz

G 0.5 — Natural Disasters

Reviewed by: Cenedril Editorial
A.7.5 · A.7.11 · A.7.13 · BSI IT-Grundschutz · ISO 27001 · ISO 27002

Natural disasters rarely top the daily IT security agenda, but when they strike the impact is often existential. A flood does not distinguish between protected and unprotected areas. It destroys everything in its path.

The BSI lists natural disasters as elementary threat G 0.5. Earthquakes, floods, storms, landslides, avalanches — the type of risk depends on the site, but no location in Central Europe is entirely free of natural hazards.

What’s behind it?

Natural disasters encompass seismic, climatic and volcanic phenomena with devastating effects on people and infrastructure. In the DACH region, floods, storms and (regionally) earthquakes are most relevant.

The greatest danger lies in the combination of a natural event and insufficient preparation. A data centre in a flood zone can be structurally protected, but only if that protection is actually put in place. Most damage occurs because the risk was known but no measures were implemented.

Natural hazards

  • Floods and inundation — The most common damage event in Germany. River flooding (Elbe, Danube, Rhine), flash floods after heavy rain and rising groundwater can flood basements and ground floors. Data centres in basement rooms are particularly vulnerable.
  • Severe storms — Hurricane-force gusts damage building envelopes and infrastructure (antennas, rooftop AC units, windows). Hail can destroy solar installations and rooftop cooling units. Lightning causes overvoltage damage.
  • Earthquakes — Along the Upper Rhine Graben, in the Swabian Jura, the Vogtland and the Lower Rhine region, Germany has measurable seismic risk. Even moderate earthquakes (magnitude 4–5) can damage buildings and infrastructure.
  • Landslides and slope movements — In hilly and mountainous regions, especially after heavy rain or snowmelt.

Impact

Even organisations that are not directly affected can face substantial disruptions. Large-scale exclusion zones prevent personnel from reaching the buildings. Utility networks (electricity, water, communications) can fail regionally for days or weeks. Suppliers and service providers may be hit simultaneously — a cascade effect often underestimated in emergency planning.

Practical examples

Data centre in a flood zone. A mid-sized company runs its data centre in the basement of a building on a riverbank. The flood risk is known, but measures were postponed. At the next flood, water enters through the basement windows and the sewer system. All IT fails. The insurer refuses payment because the site lies in a designated flood zone.

Hurricane destroys rooftop infrastructure. On the flat roof of an office building sit AC units, satellite dishes and antennas. A storm with gusts above 130 km/h tears an AC unit from its mounts and damages the roof membrane. Rainwater enters through the damaged area and flows into the server room below. At the same time, the server room’s air conditioning fails.

Heavy rain and flash flood. An extreme heavy-rain event surprises a small town. Half a month's worth of rain falls within one hour. The sewer system is overloaded, and water shoots through streets and underground car parks. The office building of an IT service provider is flooded, with the ground floor standing 40 centimetres under water. The power distribution board on the ground floor is destroyed. Personnel can only re-enter the building two days later.

Relevant controls

The following ISO 27001 controls mitigate this threat. (You’ll find the complete list of 3 mapped controls below in the section ‘ISO 27001 Controls Covering This Threat’.)

Prevention:

BSI IT-Grundschutz

G 0.5 is linked in the BSI IT-Grundschutz catalogue to the following modules:

  • INF.1 (General building) — Site assessment, structural protection against natural hazards and emergency planning.
  • INF.2 (Data centre and server room) — Extended protection requirements for sites with known natural hazards.
  • INF.5 (Room and cabinet for technical infrastructure) — Protection of technical rooms from natural events.
  • DER.4 (Emergency management) — Business-continuity planning for large-scale damage events.

ISO 27001 Controls Covering This Threat

  • A.7.5 Protecting against physical and environmental threats
  • A.7.11 Supporting utilities
  • A.7.13 Equipment maintenance

Frequently asked questions

Are natural disasters in Central Europe a realistic risk for IT infrastructure?

Yes. Flooding occurs regularly — entire regions are affected along the Rhine, Elbe, Danube and their tributaries. Severe storms with hurricane-force gusts or hail can damage buildings and infrastructure. Certain regions (Upper Rhine Graben, Swabian Jura) also carry a measurable earthquake risk. The risk varies strongly by location.

How do I account for location in the risk analysis?

Check flood maps (state geoportals), seismic hazard maps (GFZ Potsdam) and historical weather data for the site. Document site-specific risks in the risk analysis and derive measures: structural protection, emergency plans, geo-redundant systems.

Does every organisation need a second site?

Geo-redundancy is the most effective measure against natural disasters, but economically out of reach for many organisations. Alternatives: cloud backups in another region, contractually secured alternative workplaces, Disaster-Recovery-as-a-Service. What matters is that the recovery strategy is documented and tested.