Lesku Gergely
08/29/2024

New German NIS2 Legislation Announced by the BSI in Germany

In Germany, the Federal Office for Information Security (BSI) has announced new regulations under the NIS2 (Network and Information Security Directive 2). Initiated by the EU, NIS2 aims to enhance cybersecurity and improve the response to cyber incidents across the Union.

Key Developments in Germany

Extended scope. NIS2 covers more sectors and organizations than the previous NIS directive.

  Sectors covered by NIS2:

  • Energy
  • Transport
  • Financial services
  • Healthcare
  • Drinking water and wastewater management
  • Digital infrastructure
  • Public services

  New Sectors:

  • Food industry
  • Manufacturing
  • Digital services including search engines and social media

Stronger obligations. Companies are required to implement stricter cybersecurity measures and report cyber incidents regularly.

  Required Measures under NIS2:

  • Risk Analysis and Management: Identify and manage potential cyber risks.
  • Incident Management: Quick response and proper actions to handle cyber incidents.
  • Continuous Monitoring: Constant monitoring of networks and information systems.
  • Cybersecurity Training: Ongoing training for employees to recognize and manage cyber threats.
  • Reporting Obligations: Report cyber incidents to the appropriate authorities.
  • Training and Audit Requirements: Organizations must provide continuous training for their employees and conduct regular audits.

Expectations and Implementation Timeline

German companies are expected to start adapting to the new regulations in 2024, overseen by the BSI. The BSI also offers an online "Betroffenheitsprüfung" tool to help companies determine if they are affected by the new directive.

Self-Assessment for Companies

Purpose: The self-assessment helps companies determine if they are affected by NIS2 and evaluate their current cybersecurity status, enabling timely compliance with regulations.

Process:

  1. Questionnaire Completion: Companies fill out a detailed questionnaire about their size, scope of activities, and cybersecurity measures.
  2. Risk Analysis: Identify potential cyber risks and weak points.
  3. Result Analysis: Evaluate the results and determine necessary actions.

Outcome: Companies receive a detailed report with the assessment results and recommendations for improving cybersecurity measures.

For more details, visit the BSI official website.

Contributions from SOCWISE

SOCWISE offers comprehensive cybersecurity compliance support, particularly useful for meeting NIS2 requirements:

  • Risk Management Solutions: Development and implementation of risk management strategies, including the identification and management of cybersecurity risks.
  • Technical and Organizational Measures: Implementation of technical and organizational measures to improve the security of networks and information systems.

  Specific Services:

  • SOC (Security Operations Center) Services: Monitoring and incident management services to help companies with continuous surveillance and rapid handling of cybersecurity incidents.
  • Consulting in several areas including:
    • Cybersecurity Incident Management
    • Security Architecture
    • Policies, Processes, Internal Regulation
    • Business Continuity and Disaster Recovery Planning
  • Engineering Services:
    • Network Boundary Protection
    • State of the Art Network Security Solutions
    • Cloud Security
    • Endpoint Security and XDR Solutions
    • SIEM, SOAR, and Threat Intelligence Solutions
    • OT Security Solutions
    • Identity and Access Management Solutions