The NIS 2 Implementation Act is coming – new cyber regulations before 2024

NIS2UmsuCG – a complicated-sounding string of letters – is coming our way this year and translates as the NIS 2 Implementation and Cyber Security Strengthening Act.

It is estimated that the law will affect at least 30 thousand companies when it is introduced.

It is therefore important that you check whether you also fall under it. This is the case if you belong to the „essential“ and „important“ institutions, or if you are a KRITIS operator. The legislative process is expected to be completed by October 2024.

In any case, you will have to deal with the regulations if you are active in the following sectors:

Essential: energy, transportation, banking, healthcare, drinking water, wastewater, digital infrastructure, ICT service management, administration, financial market, space,

Important: Post, waste management, industry, digital services, research, chemical companies, food industry,

and if you have 50 or more employees and generate an annual turnover of 10 million.

However, it is important to note that small companies that generate less turnover or have fewer employees may also fall within the scope of application. If they carry out critical activities that could have an impact on public order, or if they have cross-border effects, they are also affected.

The NIS 2 Directive is also of particular importance for managing directors, CEOs and board members, as they are held accountable. Specifically, this means that these persons must approve and monitor risk management.

If they do not comply with these obligations, this can also result in personal liability. Inadequate or insufficient preparatory actions can also give rise to such liability.

In any case, action should be taken quickly and, if necessary, professional support should be sought. We draw your attention to this in particular as part of our duty to inform. Gindat can also support you in all phases of the process. We recently presented an overview of this topic at our ITQC event to raise your awareness. Feel free to contact us if you have any questions or uncertainties. Our team is always at your disposal.

Zurück

Name	Zweck	Ablauf	Typ	Anbieter
`CookieConsent`	Speichert Ihre Einwilligung zur Verwendung von Cookies.	1 Jahr	HTML	Website
`fe_typo_user`	Dieser Cookie wird gesetzt, wenn Sie sich im Bereich myGINDAT anmelden.	Session	HTTP	Website
`PHPSESSID`	Kurzzeitiger Cookie, der von PHP zum zwischenzeitlichen Speichern von Daten benötigt wird.	Session	HTTP	Website
`__cfduid`	Wir verwenden eine "Content Security Policy", um die Sicherheit unserer Website zu verbessern. Bei potenziellen Verstößen gegen diese Policy wird ein anonymer Bericht an den Webservice report-uri.com gesendet. Dieser Webservice lässt über seinen Anbieter Cloudflare diesen Cookie setzen, um vertrauenswürdigen Web-Traffic zu identifizieren. Der Cookie wird nur kurzzeitig im Falle einer Bericht-Übermittlung auf der aktuellen Webseite gesetzt.	30 Tage/ Session	HTTP	Cloudflare/ report-uri.com

Name	Zweck	Ablauf	Typ	Anbieter
`_pk_id`	Wird verwendet, um ein paar Details über den Benutzer wie die eindeutige Besucher-ID zu speichern.	13 Monate	HTML	Matomo
`_pk_ref`	Wird verwendet, um die Informationen der Herkunftswebsite des Benutzers zu speichern.	6 Monate	HTML	Matomo
`_pk_ses`	Kurzzeitiger Cookie, um vorübergehende Daten des Besuchs zu speichern.	30 Minuten	HTML	Matomo
`_pk_cvar`	Kurzzeitiger Cookie, um vorübergehende Daten des Besuchs zu speichern.	30 Minuten	HTML	Matomo
`MATOMO_SESSID`	Kurzzeitiger Cookie, der bei Verwendung des Matomo Opt-Out gesetzt wird.	Session	HTTP	Matomo
`_pk_testcookie`	Kurzzeitiger Cookie der prüft, ob der Browser Cookies akzeptiert.	Session	HTML	Matomo