{"id":16055,"date":"2025-11-13T17:46:49","date_gmt":"2025-11-13T16:46:49","guid":{"rendered":"https:\/\/www.robin-data.io\/?p=16055"},"modified":"2025-12-03T14:21:10","modified_gmt":"2025-12-03T13:21:10","slug":"nis-2-directive","status":"publish","type":"post","link":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive","title":{"rendered":"NIS2: EU directive for more cyber security"},"content":{"rendered":"<div  class='flex_column av-6kd3hhc-f210d8e5670c4cb7b18b66478d4e24f6 av_one_full  avia-builder-el-0  el_before_av_one_full  avia-builder-el-first  first flex_column_div'     ><p><section  class='av_textblock_section av-lati8klg-df702c5e62672e1537553135294c3e62'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\">Data Protection Academy<\/a> \u00bb <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\">Data Protection News<\/a> \u00bb <strong>NIS-2 Directive<\/strong><\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-66vichs-cd104e9bf82e17a8e1ed24208398f9f4\">\n.avia-image-container.av-66vichs-cd104e9bf82e17a8e1ed24208398f9f4 img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-66vichs-cd104e9bf82e17a8e1ed24208398f9f4 .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-66vichs-cd104e9bf82e17a8e1ed24208398f9f4 av-styling- avia-align-left  avia-builder-el-2  el_after_av_textblock  el_before_av_hr'   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" loading=\"lazy\" class='wp-image-14055 avia-img-lazy-loading-14055 avia_image' src=\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\" alt='NIS2: EU directive for cyber security' title='NIS2: EU directive for cyber security'  height=\"343\" width=\"685\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg 685w, https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne-300x150.jpg 300w, https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne-18x9.jpg 18w\" sizes=\"auto, (max-width: 685px) 100vw, 685px\" \/><\/div><\/div><\/div><br \/>\n<div  class='hr av-5qtkvkw-410af83d638c329078749686c01f2314 hr-default  avia-builder-el-3  el_after_av_image  el_before_av_heading'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-579ysv4-af1e4cd6e99206fb8207f1499411ad34\">\n#top .av-special-heading.av-579ysv4-af1e4cd6e99206fb8207f1499411ad34{\npadding-bottom:10px;\ncolor:#303440;\n}\nbody .av-special-heading.av-579ysv4-af1e4cd6e99206fb8207f1499411ad34 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-579ysv4-af1e4cd6e99206fb8207f1499411ad34 .special-heading-inner-border{\nborder-color:#303440;\n}\n.av-special-heading.av-579ysv4-af1e4cd6e99206fb8207f1499411ad34 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-579ysv4-af1e4cd6e99206fb8207f1499411ad34 av-special-heading-h1 custom-color-heading blockquote modern-quote  avia-builder-el-4  el_after_av_hr  el_before_av_hr'><div class='av_custom_color av-subheading av-subheading_above'><p>Update from 13 November 2025<\/p>\n<\/div><h1 class='av-special-heading-tag'  itemprop=\"headline\"  >NIS 2 Directive: EU directive for more cyber security<\/h1><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lf6r8za7-8c6f9c6ec4c065713c89d1769ff1d702\">\n#top .hr.hr-invisible.av-lf6r8za7-8c6f9c6ec4c065713c89d1769ff1d702{\nheight:24px;\n}\n<\/style>\n<div  class='hr av-lf6r8za7-8c6f9c6ec4c065713c89d1769ff1d702 hr-invisible  avia-builder-el-5  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-4f1falc-4a14c1438d1d8766ae666f442bd1d400'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>In an increasingly networked world <strong>Cybersecurity<\/strong> and the <strong>Protecting our digital infrastructures<\/strong> of crucial importance. The <strong>NIS2 Directive<\/strong>, The further development of the Network and Information Systems Directive (NIS) aims to strengthen the security of the digital landscape in the European Union. On 13 November 2025, Germany transposed the EU's NIS 2 Directive into national law. For organisations, this means a fundamental tightening of cybersecurity obligations. But what exactly is changing? This article provides an overview. <strong>Overview of the new scope and key obligations of NIS2<\/strong> as well as practical examples of how you can master implementation with the help of ISO 27001.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lchmt9o6-9f3a631de436ec41d76aa7d1670527f2\">\n#top .av-special-heading.av-lchmt9o6-9f3a631de436ec41d76aa7d1670527f2{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lchmt9o6-9f3a631de436ec41d76aa7d1670527f2 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lchmt9o6-9f3a631de436ec41d76aa7d1670527f2 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-lchmt9o6-9f3a631de436ec41d76aa7d1670527f2 av-special-heading-h2 blockquote modern-quote  avia-builder-el-7  el_after_av_textblock  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Key information on the NIS2 Directive<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lchnro6e-c3666ba81ad30b5bd1cf73a8e73b327d'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><ul>\n<li style=\"font-size: 20px;\">NIS2 is the further development of the original NIS Directive (<strong>Network and Information Systems Directive<\/strong>), which was first adopted in 2016.<\/li>\n<li style=\"font-size: 20px;\">The aim of both directives is to <strong>Strengthening cyber security <\/strong>and protect the digital infrastructure and critical services from cyber threats.<\/li>\n<li style=\"font-size: 20px;\">On <strong>16 January 2023<\/strong> the so-called NIS2 Directive came into force. The EU member states had until <strong>17 October 2024<\/strong> Time to transpose the directive into national law. On <strong>13 November 2025<\/strong> Germany has transposed the EU's NIS 2 Directive into national law.<\/li>\n<li style=\"font-size: 20px;\">The NIS2 directive affects more organisations and requires <strong>stricter security measures<\/strong>. Companies that do not fulfil the requirements of NIS2 risk being penalised. <strong>Fines<\/strong>. Managing directors are directly liable.<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div><div class='flex_column_table av-lchmhnod-f1b341c3ad251cf840e6a90a1f1df7e7 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lchmhnod-f1b341c3ad251cf840e6a90a1f1df7e7\">\n.flex_column.av-lchmhnod-f1b341c3ad251cf840e6a90a1f1df7e7{\npadding:25px 25px 25px 25px;\nbackground-color:#f7f7f7;\n}\n<\/style>\n<div  class='flex_column av-lchmhnod-f1b341c3ad251cf840e6a90a1f1df7e7 av_one_full  avia-builder-el-9  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  class='av_textblock_section av-kiipug5e-71d2c8f0de795210673e2f91b4232926'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Content on the NIS2 Directive:<\/h2>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kiiw1urp-f27e17df72223b7dbe3b5605698b72d8\">\n#top .avia-icon-list-container.av-kiiw1urp-f27e17df72223b7dbe3b5605698b72d8 .iconlist_icon{\ncolor:#127db3;\nfont-size:20px;\n}\n#top .avia-icon-list-container.av-kiiw1urp-f27e17df72223b7dbe3b5605698b72d8 .iconlist_icon svg:first-child{\nstroke:#127db3;\nfill:#127db3;\nheight:20px;\nwidth:20px;\n}\n#top #wrap_all .avia-icon-list-container.av-kiiw1urp-f27e17df72223b7dbe3b5605698b72d8 .av_iconlist_title{\nfont-size:20px;\n}\n<\/style>\n<div  class='avia-icon-list-container av-kiiw1urp-f27e17df72223b7dbe3b5605698b72d8  avia-builder-el-11  el_after_av_textblock  el_before_av_hr'><ul class='avia-icon-list avia_animate_when_almost_visible avia-icon-list-left av-iconlist-small av-kiiw1urp-f27e17df72223b7dbe3b5605698b72d8 avia-iconlist-animate'>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-1-11-9-2-42a037963d6e88a484ba5d3efc7fc3da avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#whitepaper&#039; title=&#039;Whitepaper NIS-2 Directive: EU Directive for more cyber security&#039;&gt;Whitepaper NIS-2 Directive: EU Directive for more cyber security&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#whitepaper' title='Whitepaper NIS-2 Directive: EU Directive for more cyber security'>Whitepaper NIS-2 Directive: EU Directive for more cyber security<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-3-569ddee4472dc99e28ccbed6e083f1c3 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#definition-ziele-aufgaben&#039; title=&#039;What is NIS2: This is what the new EU cyber security directive says&#039;&gt;What is NIS2: This is what the new EU cyber security directive says&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#definition-ziele-aufgaben' title='What is NIS2: This is what the new EU cyber security directive says'>What is NIS2: This is what the new EU cyber security directive says<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><ul>\n<li><a href=\"#neuerungen-nis2\">Innovations: More cyber security through the NIS 2 directive<\/a><\/li>\n<li><a href=\"#aktueller-stand-nis2\">Current status of implementation in Germany<\/a><\/li>\n<\/ul>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-1-11-9-2e7370feb4bcee98213371a0fd903150 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#entstehung-nis2&#039; title=&#039;Origin of the NIS 2 Directive&#039;&gt;Origin of the NIS 2 Directive&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#entstehung-nis2' title='Origin of the NIS 2 Directive'>Origin of the NIS 2 Directive<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-1-11-e12295372dd9d7114d4bb62cc26f0913 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#anforderungen&#039; title=&#039;Requirements of the NIS2 Directive&#039;&gt;Requirements of the NIS2 Directive&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#anforderungen' title='Requirements of the NIS2 Directive'>Requirements of the NIS2 Directive<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-3-1-037e3ca3ffd890a71c56da2911f3de12 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#betroffene-unternehmen&#039; title=&#039;Which companies must implement NIS2?&#039;&gt;Which companies must implement NIS2?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#betroffene-unternehmen' title='Which companies must implement NIS2?'>Which companies must implement NIS2?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-1-9fffda44a987cd1390c6395cb6836794 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#umsetzung-nis2&#039; title=&#039;Implementation of the NIS 2 Directive&#039;&gt;Implementation of the NIS 2 Directive&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#umsetzung-nis2' title='Implementation of the NIS 2 Directive'>Implementation of the NIS 2 Directive<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><ul>\n<li><a href=\"#verantwortliche\">Responsible for the implementation of the NIS 2 Directive<\/a><\/li>\n<li><a href=\"#mindestanforderungen\">Minimum requirements for cyber security<\/a><\/li>\n<li><a href=\"#risikomanagement\"> Risk management in accordance with NIS-2<\/a><\/li>\n<li><a href=\"#berichtspflichten\"> Reporting obligations in accordance with NIS2<\/a><\/li>\n<\/ul>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-548514b81b36ca41d92a69bd78bf7c97 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#isms&#039; title=&#039;Implementation of an ISMS in preparation for NIS2&#039;&gt;Implementation of an ISMS in preparation for NIS2&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#isms' title='Implementation of an ISMS in preparation for NIS2'>Implementation of an ISMS in preparation for NIS2<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-1-11-9-2-2-2-3ab6bc61ceac37a674252fd7b7c59345 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#gf-haftung&#039; title=&#039;Role of management: Liability makes cybersecurity a top priority&#039;&gt;Role of management: Liability makes cybersecurity a top priority&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#gf-haftung' title='Role of management: Liability makes cybersecurity a top priority'>Role of management: Liability makes cybersecurity a top priority<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-3-1-2-570d0ac5acf79a3e2fa5f49a5626b15b avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#sanktionen&#039; title=&#039;Penalties and sanctions for violation of NIS2&#039;&gt;Penalties and sanctions for violation of NIS2&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#sanktionen' title='Penalties and sanctions for violation of NIS2'>Penalties and sanctions for violation of NIS2<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-1-11-9-2-2-2160046218c42c783840caab32f044f2 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#praxisbeispiele&#039; title=&#039;Practical examples: Implementation of NIS2 obligations with ISO 27001&#039;&gt;Practical examples: Implementation of NIS2 obligations with ISO 27001&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#praxisbeispiele' title='Practical examples: Implementation of NIS2 obligations with ISO 27001'>Practical examples: Implementation of NIS2 obligations with ISO 27001<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-7jdvf-2-2-1-1-11-9-2-2-2-3-142b1f94ccbe1526ea27cd38f158208c avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#fazit&#039; title=&#039;Conclusion&#039;&gt;Conclusion&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#fazit' title='Conclusion'>Conclusion<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<\/ul><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa\">\n#top .hr.hr-invisible.av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa hr-invisible  avia-builder-el-12  el_after_av_iconlist  avia-builder-el-last'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 --><\/p>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lnis7ra6-70b773dd666f2c8af2596c1016c93e60\">\n.flex_column.av-lnis7ra6-70b773dd666f2c8af2596c1016c93e60{\npadding:25px 25px 25px 25px;\nbackground-color:#b3dff1;\n}\n<\/style>\n<div  class='flex_column av-lnis7ra6-70b773dd666f2c8af2596c1016c93e60 av_one_full  avia-builder-el-13  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lnis5wm6-a172620c593432d2408719e1f5752f68\">\n.iconbox.av-lnis5wm6-a172620c593432d2408719e1f5752f68 .iconbox_icon{\ncolor:#127db3;\n}\n.iconbox.av-lnis5wm6-a172620c593432d2408719e1f5752f68 .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#127db3;\nstroke:#127db3;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-lnis5wm6-a172620c593432d2408719e1f5752f68 av-icon-style-no-border  avia-builder-el-14  avia-builder-el-no-sibling'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue81f' data-av_iconfont='entypo-fontello'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Complete title of the directive\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Full title of the directive<\/h3><\/header><div class='iconbox_content_container'  itemprop=\"text\" ><p>Directive (EU) 2022\/2555 of the European Parliament and of the Council of 14 December 2022 concerning measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910\/2014 and Directive (EU) 2018\/1972 and repealing Directive (EU) 2016\/1148 (NIS2 Directive)<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lq0x1o7u-bb8033fdfabbe50c71f28ffd7fc432b3\">\n.flex_column.av-lq0x1o7u-bb8033fdfabbe50c71f28ffd7fc432b3{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  id=\"whitepaper\"  class='flex_column av-lq0x1o7u-bb8033fdfabbe50c71f28ffd7fc432b3 av_one_full  avia-builder-el-15  el_after_av_one_full  el_before_av_one_full  first flex_column_div av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lq0wwxq2-c090722e7702a7ab20eb5ab92c8d6b69\">\n#top .av-special-heading.av-lq0wwxq2-c090722e7702a7ab20eb5ab92c8d6b69{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lq0wwxq2-c090722e7702a7ab20eb5ab92c8d6b69 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lq0wwxq2-c090722e7702a7ab20eb5ab92c8d6b69 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-lq0wwxq2-c090722e7702a7ab20eb5ab92c8d6b69 av-special-heading-h2  avia-builder-el-16  el_before_av_image  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Whitepaper NIS-2 Directive: EU Directive for more cyber security<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lq0ww4sk-5fdecb0f75204771a2edfb436262eb90\">\n.avia-image-container.av-lq0ww4sk-5fdecb0f75204771a2edfb436262eb90 img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-lq0ww4sk-5fdecb0f75204771a2edfb436262eb90 .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-lq0ww4sk-5fdecb0f75204771a2edfb436262eb90 av-styling- av-img-linked avia-align-left  avia-builder-el-17  el_after_av_heading  el_before_av_hr  tp_de2'   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><a href=\"#formular\" class='avia_image'  aria-label='Whitepaper: Implementing a Directory of Processing Activities in compliance with the GDPR'><img decoding=\"async\" fetchpriority=\"high\" class='wp-image-16381 avia-img-lazy-loading-not-16381 avia_image' src=\"https:\/\/media.robin-data.io\/2023\/10\/11135022\/Cover-Whitepaper-NIS2-1030x429.png\" alt='Whitepaper: Implementing a Directory of Processing Activities in compliance with the GDPR' title='Whitepaper: Implementing a Directory of Processing Activities in compliance with the GDPR'  height=\"429\" width=\"1030\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/media.robin-data.io\/2023\/10\/11135022\/Cover-Whitepaper-NIS2-1030x429.png 1030w, https:\/\/media.robin-data.io\/2023\/10\/11135022\/Cover-Whitepaper-NIS2-300x125.png 300w, https:\/\/media.robin-data.io\/2023\/10\/11135022\/Cover-Whitepaper-NIS2-768x320.png 768w, https:\/\/media.robin-data.io\/2023\/10\/11135022\/Cover-Whitepaper-NIS2-18x7.png 18w, https:\/\/media.robin-data.io\/2023\/10\/11135022\/Cover-Whitepaper-NIS2-705x293.png 705w, https:\/\/media.robin-data.io\/2023\/10\/11135022\/Cover-Whitepaper-NIS2.png 1110w\" sizes=\"(max-width: 1030px) 100vw, 1030px\" \/><\/a><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2wsmuv-d8dcbd2de9d5bd522a6f077069740498\">\n#top .hr.hr-invisible.av-2wsmuv-d8dcbd2de9d5bd522a6f077069740498{\nheight:15px;\n}\n<\/style>\n<div  class='hr av-2wsmuv-d8dcbd2de9d5bd522a6f077069740498 hr-invisible  avia-builder-el-18  el_after_av_image  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-lq0x0g86-93426677cbc6406ebdafb2ba37888777'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock tp_de2'  itemprop=\"text\" ><p style=\"font-size: 20px; color: #00b3bd;\">In the white paper NIS-2 Directive you will find:<\/p>\n<ul>\n<li>Information on the background to the <strong>Origin<\/strong> the NIS-2 Directive<\/li>\n<li>Information on the connection with other <strong>Laws and guidelines<\/strong><\/li>\n<li><strong>Requirements<\/strong> which the organisations concerned must implement<\/li>\n<li>Information on <strong>Penalties and sanctions<\/strong><\/li>\n<\/ul>\n<\/div><\/section><br \/>\n<br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lqyvrwet-372c458e9ae53ebc45e86068662363e9\">\n.avia_message_box.av-lqyvrwet-372c458e9ae53ebc45e86068662363e9{\nbackground-color:rgba(244,150,0,0.3);\ncolor:#303440;\n}\n.avia_message_box.av-lqyvrwet-372c458e9ae53ebc45e86068662363e9 .avia_message_box_icon.avia-svg-icon svg:first-child{\nfill:#303440;\nstroke:#303440;\n}\n<\/style>\n<div id='avia-messagebox-' class='avia_message_box av_notification av-lqyvrwet-372c458e9ae53ebc45e86068662363e9 avia-color-custom avia-size-large avia-icon_select-no avia-border-  avia-builder-el-21  el_after_av_codeblock  avia-builder-el-last  tp_en2' ><div class=\"avia_message_box_content\"><p>Unfortunately this content is currently only available in German. Please feel free to <a href=\"https:\/\/www.robin-data.io\/en\/contact#formular\">contact us<\/a> for more information.<\/p>\n<\/div><\/div><\/p><\/div>\n<div  id=\"definition-ziele-aufgaben\"  class='flex_column av-1l6koxs-32aebfd3dde7a5682e33cfd4c5864b4c av_one_full  avia-builder-el-22  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lcexcmye-d040e4c11e1b9ae2067a4fcc208244e1\">\n#top .av-special-heading.av-lcexcmye-d040e4c11e1b9ae2067a4fcc208244e1{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lcexcmye-d040e4c11e1b9ae2067a4fcc208244e1 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lcexcmye-d040e4c11e1b9ae2067a4fcc208244e1 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"definition-aufgaben-ziele\"  class='av-special-heading av-lcexcmye-d040e4c11e1b9ae2067a4fcc208244e1 av-special-heading-h2 blockquote modern-quote  avia-builder-el-23  el_before_av_textblock  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What is NIS2: This is what the new EU cyber security directive says<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lcexixac-bb855b9003b688465ef39d5d1ef023c5'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The complete designation of the <strong>NIS Directive<\/strong> is the Network and Information Systems Directive and can be translated into German as the Network and Information Security Directive. The NIS Directive is a European Union directive that aims to strengthen cybersecurity in the EU. The directive was adopted in 2016 and should subsequently be implemented by the EU member states by May 2018.<\/p>\n<p>In December 2022, the successor, the <strong>NIS2 Directive<\/strong> entered into force. This NIS2 Directive builds on the original NIS Directive of 2016. NIS2 was developed to further strengthen cybersecurity across the EU and respond to current developments in the digital sphere by tightening requirements for organisations and promoting cooperation at EU level. This is an important step to better manage the increasing cyber threats in the digital world.<\/p>\n<p data-sourcepos=\"1:1-1:276\">The NIS Directive applies to <strong>Operators of critical infrastructures (KRITIS)<\/strong>i.e. for companies and organisations whose systems and services are essential for the maintenance of important social functions. These include companies in the energy, water, transport, finance, healthcare and telecommunications sectors.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lm60e434-513313e16ae01abed00a6cef52c973e5\">\n#top .av-special-heading.av-lm60e434-513313e16ae01abed00a6cef52c973e5{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lm60e434-513313e16ae01abed00a6cef52c973e5 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lm60e434-513313e16ae01abed00a6cef52c973e5 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"neuerungen-nis2\"  class='av-special-heading av-lm60e434-513313e16ae01abed00a6cef52c973e5 av-special-heading-h3 blockquote modern-quote  avia-builder-el-25  el_after_av_textblock  el_before_av_textblock'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Innovations: More cyber security through the NIS 2 directive<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-va7w74-090b00514296e5260452d725eaac37ae'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The reasons for the legislative changes from NIS to NIS2 are the<strong> sharp rise in cyber attacks<\/strong> in recent years, the <strong>Increasing digitalisation<\/strong> such as the use of artificial intelligence and the <strong>Standardised regulation<\/strong> among all EU member states.<\/p>\n<p>The NIS 2 Directive has the clear aim of strengthening cyber security and making the digital landscape in Europe more secure. When the directive comes into force, the requirements for companies and organisations will be increased, security certification will be promoted and cooperation at European level will be strengthened.<\/p>\n<p>Overview of the new features of the NIS 2 Directive:<\/p>\n<ul>\n<li><strong>Sectors:<\/strong> The critical essential sectors have been expanded to eleven sectors and the important sectors to seven. Eighteen sectors are therefore covered by the new NIS2 directive. This means that a wider range of companies and organisations will have to raise their security standards.<\/li>\n<li><strong>Facilities:<\/strong> Organisations with 50 or more employees or an annual turnover of 10 million euros or more are affected. Some organisations will fall under the NIS2 Directive regardless of their size.<\/li>\n<li><strong>Supply chains:<\/strong> The NIS 2 Directive sets out new requirements for the cyber security of supply chains. These requirements are intended to help companies be better prepared for cyberattacks that occur via their supply chains.<\/li>\n<li><strong>Cooperation:<\/strong> Supervision and cooperation between authorities and organisations in the EU will be expanded.<\/li>\n<li><strong>Certification of products and services: <\/strong>The introduction of cyber security certifications should make it easier for consumers and companies to opt for more secure solutions.<\/li>\n<li><strong>Sanctions:<\/strong> The NIS 2 Directive provides for significantly higher penalties for violations of the Directive, ranging from fines to imprisonment.<\/li>\n<\/ul>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lm7klzae-92a37f93ba3652deb21f8c54bddf03ff\">\n#top .av-special-heading.av-lm7klzae-92a37f93ba3652deb21f8c54bddf03ff{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lm7klzae-92a37f93ba3652deb21f8c54bddf03ff .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lm7klzae-92a37f93ba3652deb21f8c54bddf03ff .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"aktueller-stand-nis2\"  class='av-special-heading av-lm7klzae-92a37f93ba3652deb21f8c54bddf03ff av-special-heading-h3 blockquote modern-quote  avia-builder-el-27  el_after_av_textblock  el_before_av_textblock'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Current status of implementation in Germany<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lm7kmlg4-b6f900ed5bd0f669018a145e6714b53e'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The NIS2 Directive is already in force in the EU, with the deadline for national implementation having expired in October 2024. On 13 November 2025, Germany transposed the EU's NIS2 Directive into national law.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lnveeqb5-8dbb8ed5ee27e29e8709f9634ccf255a\">\n#top .avia-icon-list-container.av-lnveeqb5-8dbb8ed5ee27e29e8709f9634ccf255a .iconlist_icon{\ncolor:#00b3bd;\nbackground-color:#ffffff;\n}\n#top .avia-icon-list-container.av-lnveeqb5-8dbb8ed5ee27e29e8709f9634ccf255a .iconlist_icon svg:first-child{\nstroke:#00b3bd;\nfill:#00b3bd;\n}\n<\/style>\n<div  class='avia-icon-list-container av-lnveeqb5-8dbb8ed5ee27e29e8709f9634ccf255a  avia-builder-el-29  el_after_av_textblock  el_before_av_heading'><ul class='avia-icon-list avia_animate_when_almost_visible avia-icon-list-left av-iconlist-big av-lnveeqb5-8dbb8ed5ee27e29e8709f9634ccf255a avia-iconlist-animate'>\n<li><div class='iconlist_icon av-lnveduv0-1-1-1-1-b53eb03a45505f5cad50a80555fbce95 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 13 November 2025\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >13 November 2025<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>On 13 November 2025, Germany transposed the EU's NIS 2 Directive into national law.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveduv0-1-1-1-2bb32beeccfe0cd85426cfa217281cb9 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 06 June 2025\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >06 June 2025<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>New government draft bill is available.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveduv0-1-1-97c758dc1855caaf43045cbe1179f685 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue882' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 30 January 2025\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >30 January 2025<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>Due to the early elections in Germany, the parliamentary procedure for the NIS-2 Implementation and Cyber Security Strengthening Act (NIS2UmsuCG) could not be finalised. The BMI continues to describe the implementation of the NIS-2 Directive as urgent.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnvefc3k-b9b6bc35e3c92aac0b278da340b9ed14 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue82a' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 17 October 2024\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >17 October 2024<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>The EU member states must implement the directive by <strong>17 October 2024<\/strong>\u00a0into national law.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveduv0-1-b9989fcd0b4d6aaeded4d6575e7597e3 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue88a' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 24 July 2024\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >24 July 2024<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>The German government draft has been adopted.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveduv0-1-2-f90c962b417a5ce802fb7ba0db2a3602 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue88a' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 07 May 2024\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >07 May 2024<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>The German draft bill has been published.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveduv0-4bc92131f8bd9b717d002e841efb21df avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue88a' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 22 December 2023\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >22 December 2023<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>Fourth draft bill <strong>December 2023<\/strong><\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveglsf-3e637747187f8d5d1cd9fbc66af602e1 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue882' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: September 2023\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >September 2023<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>Third draft bill\u00a0<strong>September 2023<\/strong><\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveglsf-7-e34659b0a4118648eb26e1110a1d800f avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue882' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: July 2023\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >July 2023<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>Second German draft bill\u00a0<strong>July 2023<\/strong><\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveglsf-6-745794e857d54c5454906e6be517909c avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue882' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: April 2023\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >April 2023<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>First German draft bill from\u00a0<strong>April 2023<\/strong><\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-lnveduv0-1-1-1-1-1-87e96358b062a3573c7d27ffe4341ad5 avia-font-entypo-fontello avia-iconfont avia-font-entypo-fontello'><span class='av-icon-char' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: 16 January 2023\"><h4 class='av_iconlist_title iconlist_title'  itemprop=\"headline\" >16 January 2023<\/h4><\/header><div class='iconlist_content'  itemprop=\"text\" ><p>The European Directive was adopted on\u00a0<strong>16 January 2023<\/strong>\u00a0entered into force.<\/p>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<\/ul><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lnof4l3r-04572a6393704c723530726a83640655\">\n#top .av-special-heading.av-lnof4l3r-04572a6393704c723530726a83640655{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lnof4l3r-04572a6393704c723530726a83640655 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lnof4l3r-04572a6393704c723530726a83640655 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"entstehung-nis2\"  class='av-special-heading av-lnof4l3r-04572a6393704c723530726a83640655 av-special-heading-h2 blockquote modern-quote  avia-builder-el-30  el_after_av_iconlist  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Origin of the NIS 2 Directive<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lmrekmg2-12b3a98cd52e848f98cf9c95148f9cda'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p data-sourcepos=\"1:1-1:276\">The EU Network and Information Security Directive (NIS) was adopted on 6 July 2016 and has been in force since 9 August 2016. The European NIS Directive was implemented in Germany by the Act to Increase the Security of Information Technology Systems (IT Security Act).<\/p>\n<p data-sourcepos=\"1:1-1:276\">The IT Security Act came into force on 25 June 2017 and previously applied in particular to operators of critical infrastructures (KRITIS), i.e. companies and organisations whose systems and services are essential for the maintenance of important social functions. The NIS 2 Directive now applies to all companies and organisations operating in the sectors listed in Annex I of the Directive. These include energy, water, transport, finance, healthcare and telecommunications. The NIS Directive originally only applied to operators of critical infrastructure (KRITIS).<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lnocrrpr-478c9f602e939009abfd9b97467ee84f\">\n.avia-timeline-container.av-lnocrrpr-478c9f602e939009abfd9b97467ee84f .av-milestone-icon-inner{\nbackground-color:#ffffff;\ncolor:#00b3bd;\n}\n.avia-timeline-container.av-lnocrrpr-478c9f602e939009abfd9b97467ee84f .av-milestone-indicator{\nbackground-color:#ffffff;\n}\n.avia-timeline-container.av-lnocrrpr-478c9f602e939009abfd9b97467ee84f .av-milestone-article-footer{\nbackground-color:#ffffff;\n}\n.avia-timeline-container.av-lnocrrpr-478c9f602e939009abfd9b97467ee84f i.milestone-char.avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<div  id=\"avia-timeline-1\"  class='avia-timeline-container av-lnocrrpr-478c9f602e939009abfd9b97467ee84f av-slideshow-ui  avia-builder-el-32  el_after_av_textblock  el_before_av_heading' ><ul class='avia-timeline avia-timeline-vertical av-milestone-placement-left avia-timeline- avia_animate_when_almost_visible avia-timeline-animate'>\n<li  class='av-milestone av-lnocnuxx-dc27e6b1379af26ef68c87b51fa27795 av-animated-generic fade-in av-milestone-valign-baseline av-milestone-odd'><h2 class='av-milestone-date' id='milestone-2023' ><strong>2023<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: NIS-2 (EU)\"><h4 class='av-milestone-title'>NIS-2 (EU)<\/h4><\/header><div class='av-milestone-content'><p>The NIS 2 Directive was adopted by the European Parliament and the Council of the European Union on 25 November 2022. It came into force on 27 June 2023 and must be transposed into national law in all EU member states by 27 June 2024.<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-lnocnuxx-5-6e6be7ae069b41b52f41f9cc426c4fda av-animated-generic fade-in av-milestone-valign-baseline av-milestone-even'><h2 class='av-milestone-date' id='milestone-2021' ><strong>2021<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: IT Security Act 2.0 (Germany)\"><h4 class='av-milestone-title'>IT Security Act 2.0 (Germany)<\/h4><\/header><div class='av-milestone-content'><p>IT Security Act 2.0 was adopted on 24 May 2021 and is closely linked to the NIS Directive (Directive (EU) 2016\/1148 of the European Parliament and of the Council). The IT Security Act 2.0 serves to transpose the NIS Directive into national German law and sets out specific requirements for operators of critical infrastructure and providers of digital services in order to strengthen cybersecurity in Germany in accordance with European standards.<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-lnocnuxx-4-82f11b66a444649710338c60ce267c31 av-animated-generic fade-in av-milestone-valign-baseline av-milestone-odd'><h2 class='av-milestone-date' id='milestone-2016' ><strong>2016<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: Amendment to the BSI Act (Germany)\"><h4 class='av-milestone-title'>Amendment to the BSI Act (Germany)<\/h4><\/header><div class='av-milestone-content'><div class=\"flex-shrink-0 flex flex-col relative items-end\">\n<div><\/div>\n<\/div>\n<div class=\"relative flex w-&#091;calc(100%-50px)&#093; flex-col gizmo:w-full lg:w-&#091;calc(100%-115px)&#093; agent-turn\">\n<div class=\"flex-col gap-1 md:gap-3\">\n<div class=\"flex flex-grow flex-col gap-3 max-w-full\">\n<div class=\"min-h-&#091;20px&#093; flex flex-col items-start gap-3 whitespace-pre-wrap break-words overflow-x-auto\">\n<div class=\"markdown prose w-full break-words dark:prose-invert dark AIPRM__conversation__response\">\n<p>The BSI Act grants the Federal Office for Information Security (BSI) specific <strong>Authorisations and responsibilities<\/strong> to monitor the implementation of the IT Security Act and ensure that companies and organisations take appropriate security measures. The European Union's NIS Directive requires member states to designate national authorities or bodies responsible for implementing and monitoring the directive. In Germany, the <strong>BSI is the body responsible for implementing the NIS Directive<\/strong>. The BSI Act regulates the powers of the Federal Office in connection with the implementation of the NIS Directive, including the monitoring of critical infrastructures and the performance of security audits.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-lnocnuxx-3-9063e13cbc16c8be8c7a5d79ecc2133b av-animated-generic fade-in av-milestone-valign-baseline av-milestone-even'><h2 class='av-milestone-date' id='milestone-2016' ><strong>2016<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: NIS Directive (EU)\"><h4 class='av-milestone-title'>NIS Directive (EU)<\/h4><\/header><div class='av-milestone-content'><p>The Network and Information Systems Directive is a European Union directive that aims to strengthen cybersecurity in the EU. The directive was adopted in 2016 and should be implemented by the EU member states by May 2018.<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<li  class='av-milestone av-lnocnuxx-2-68bdebb0e6ec4f701aaf9a209a30ea64 av-animated-generic fade-in av-milestone-valign-baseline av-milestone-odd'><h2 class='av-milestone-date' id='milestone-2015' ><strong>2015<span class='av-milestone-indicator'><\/span><\/strong><\/h2><div class=\"av-milestone-icon-wrap\"><span class='av-milestone-icon milestone_icon avia-font-entypo-fontello'><span class='av-milestone-icon-inner milestone_inner'><i class='milestone-char avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue89a' data-av_iconfont='entypo-fontello' ><\/i><\/span><\/span><\/div><article class='av-milestone-content-wrap'><div class='av-milestone-contentbox'><header class=\"entry-content-header\" aria-label=\"Milestone: IT Security Act (Germany)\"><h4 class='av-milestone-title'>IT Security Act (Germany)<\/h4><\/header><div class='av-milestone-content'><p>It laid the foundations for the regulation of cyber security in Germany by defining the requirements for the security of critical infrastructures.<\/p>\n<\/div><\/div><footer class='av-milestone-article-footer entry-footer'><\/footer><\/article><\/li>\n<\/ul><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lgm78m35-69e214b5cb79b84e499e8c217949249f\">\n#top .av-special-heading.av-lgm78m35-69e214b5cb79b84e499e8c217949249f{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lgm78m35-69e214b5cb79b84e499e8c217949249f .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lgm78m35-69e214b5cb79b84e499e8c217949249f .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"vorteile\"  class='av-special-heading av-lgm78m35-69e214b5cb79b84e499e8c217949249f av-special-heading-h2 blockquote modern-quote  avia-builder-el-33  el_after_av_timeline  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Requirements of the NIS2 Directive<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-latnqwo9-582b23cc2bf6f724c8ef05365a4a27b2'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p data-sourcepos=\"12:1-12:273\">The NIS2 Directive is intended to help operators of critical infrastructures to better protect their information systems and prevent or at least mitigate cyberattacks.<\/p>\n<p data-sourcepos=\"14:1-14:58\"><strong>The most important requirements of the NIS-2 directive are<\/strong><\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lkm9077b-39b5ba550a7217a32a6a883244d628ff\">\n#top .togglecontainer.av-lkm9077b-39b5ba550a7217a32a6a883244d628ff p.toggler{\ncolor:#303440;\nbackground-color:#f7f7f7;\nborder-color:#00b3bd;\n}\n#top .togglecontainer.av-lkm9077b-39b5ba550a7217a32a6a883244d628ff p.toggler.activeTitle{\ncolor:#00b3bd;\nborder-color:#00b3bd;\n}\n#top .togglecontainer.av-lkm9077b-39b5ba550a7217a32a6a883244d628ff p.toggler:not(.activeTitle):hover{\ncolor:#ffffff;\nbackground-color:#00b3bd;\n}\n#top .togglecontainer.av-lkm9077b-39b5ba550a7217a32a6a883244d628ff p.toggler:not(.activeTitle):hover .toggle_icon, #top .togglecontainer.av-lkm9077b-39b5ba550a7217a32a6a883244d628ff p.toggler:not(.activeTitle):hover .toggle_icon *{\nborder-color:#ffffff !important;\n}\n#top .togglecontainer.av-lkm9077b-39b5ba550a7217a32a6a883244d628ff p.toggler .toggle_icon{\ncolor:#303440;\nborder-color:#303440;\n}\n#top .togglecontainer.av-lkm9077b-39b5ba550a7217a32a6a883244d628ff .toggle_wrap .toggle_content{\ncolor:#303440;\nbackground-color:#f7f7f7;\nborder-color:#00b3bd;\n}\n<\/style>\n<div  class='togglecontainer av-lkm9077b-39b5ba550a7217a32a6a883244d628ff av-minimal-toggle  avia-builder-el-35  el_after_av_textblock  avia-builder-el-last  toggle_close_all hasCurrentStyle'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/FAQPage\" >\n<section class='av_toggle_section av-lkm8xhd3-e1d7f0d01c455dfd7af45fb14ef63a60'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-1' data-fake-id='#toggle-id-1' class='toggler  activeTitle av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-1' data-slide-speed=\"200\" data-title=\"Verpflichtung zur Einf\u00fchrung eines Informationssicherheits-Management-Systems (ISMS)\" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Verpflichtung zur Einf\u00fchrung eines Informationssicherheits-Management-Systems (ISMS)\" data-aria_expanded=\"Click to collapse: Verpflichtung zur Einf\u00fchrung eines Informationssicherheits-Management-Systems (ISMS)\">Obligation to introduce an information security management system (ISMS)<span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-1' aria-labelledby='toggle-toggle-id-1' role='region' class='toggle_wrap  active_tc av-title-above' style='display:block;'  itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>Companies and organisations affected by the NIS 2 Directive must have a <a style=\"color: #127db3;\" href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/isms-definition-what-is-an-information-security-management-system\">Information Security Management System (ISMS)<\/a> introduce and operate. The ISMS is a holistic approach to ensuring information security. It comprises the planning, implementation, monitoring, evaluation and improvement of information security measures.<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-lkm8xhd3-4-358bdc74b4a64de827fce0adbe2742ff'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-2' data-fake-id='#toggle-id-2' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-2' data-slide-speed=\"200\" data-title=\"Regelm\u00e4\u00dfige Durchf\u00fchrung von Risikobewertungen\" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Regelm\u00e4\u00dfige Durchf\u00fchrung von Risikobewertungen\" data-aria_expanded=\"Click to collapse: Regelm\u00e4\u00dfige Durchf\u00fchrung von Risikobewertungen\">Regular performance of risk assessments<span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-2' aria-labelledby='toggle-toggle-id-2' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>Companies and organisations must take an active <a style=\"color: #127db3;\" href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/compliance-management-in-the-company-3\">Risk Management<\/a> including regular risk assessments. The risk assessments should identify the potential threats and risks to the information security of the company's systems and services.<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-lkm8xhd3-3-0644b5280bfbef8210f7748d752d9b2c'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-3' data-fake-id='#toggle-id-3' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-3' data-slide-speed=\"200\" data-title=\"Meldung von Cybervorf\u00e4llen an die zust\u00e4ndigen Beh\u00f6rden\" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Meldung von Cybervorf\u00e4llen an die zust\u00e4ndigen Beh\u00f6rden\" data-aria_expanded=\"Click to collapse: Meldung von Cybervorf\u00e4llen an die zust\u00e4ndigen Beh\u00f6rden\">Reporting cyber incidents to the competent authorities<span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-3' aria-labelledby='toggle-toggle-id-3' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>Companies and organisations must report cyber incidents to the competent authorities. Reports must be made within 24 hours if the incident could have a significant impact on the functioning of the organisation's systems and services.<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-lkm8xhd3-2-91357a74b3e1d055939cabfd5732a1f4'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-4' data-fake-id='#toggle-id-4' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-4' data-slide-speed=\"200\" data-title=\"Austausch von Informationen \u00fcber Cybervorf\u00e4lle zwischen den EU-Mitgliedsstaaten\" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Austausch von Informationen \u00fcber Cybervorf\u00e4lle zwischen den EU-Mitgliedsstaaten\" data-aria_expanded=\"Click to collapse: Austausch von Informationen \u00fcber Cybervorf\u00e4lle zwischen den EU-Mitgliedsstaaten\">Exchange of information on cyber incidents between EU member states<span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-4' aria-labelledby='toggle-toggle-id-4' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>The competent authorities of the EU member states must exchange information on cyber incidents. The exchange of information is intended to improve the response to cyber incidents.<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-lkm8xhd3-1-a5bfc75bb64345eba9671461f9d99973'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-5' data-fake-id='#toggle-id-5' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-5' data-slide-speed=\"200\" data-title=\"Zus\u00e4tzliche Anforderungen f\u00fcr Deutschland\" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Zus\u00e4tzliche Anforderungen f\u00fcr Deutschland\" data-aria_expanded=\"Click to collapse: Zus\u00e4tzliche Anforderungen f\u00fcr Deutschland\">Additional requirements for Germany<span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-5' aria-labelledby='toggle-toggle-id-5' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>In addition to the requirements of the NIS 2 Directive, the IT Security Act 2.0 will also contain additional requirements that are currently being defined by Germany. These include the obligation to appoint an information security officer and to carry out cyber security exercises.<\/p>\n<\/div><\/div><\/div><\/section>\n<\/div><\/p><\/div>\n<div  id=\"rechtliche-bedingungen\"  class='flex_column av-61qtowb-db609f008ce3fc2479bd710a278bc330 av_one_full  avia-builder-el-36  el_after_av_one_full  el_before_av_one_half  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lgm66v2z-7c505e36026fc96c1d6e62fc9397ba83\">\n#top .av-special-heading.av-lgm66v2z-7c505e36026fc96c1d6e62fc9397ba83{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lgm66v2z-7c505e36026fc96c1d6e62fc9397ba83 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lgm66v2z-7c505e36026fc96c1d6e62fc9397ba83 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"betroffene-unternehmen\"  class='av-special-heading av-lgm66v2z-7c505e36026fc96c1d6e62fc9397ba83 av-special-heading-h2 blockquote modern-quote  avia-builder-el-37  el_before_av_textblock  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Which companies must implement NIS2?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lnykhu9r-e0465340f26cdc53b3677594b2230d96'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The NIS2 Directive (Network and Information Security Directive, Version 2) replaces the previous NIS1 and <strong>significantly expands the circle of obligated organisations<\/strong>. In future, the focus will no longer be solely on traditional KRITIS operators, but also on <strong>many medium-sized companies too<\/strong> from a total of 18 sectors. In addition to the industry, the size of the company is also a decisive factor. Even medium-sized companies (with &gt;50 employees or &gt;\u20ac10 million in turnover\/balance sheet total) are considered relevant if they operate in one of the sectors mentioned, such as industry, transport, the digital economy or healthcare.<\/p>\n<p><strong>NIS2 distinguishes between two categories of institutions:<\/strong><\/p>\n<ul>\n<li><strong>\u201eParticularly important facilities\u201c<\/strong> <strong>(essential entities)<\/strong>Large organisations in highly critical sectors such as energy, health, finance, digital infrastructure or public administration. They are essential for maintaining key societal functions and must meet all NIS2 requirements. Accordingly, they are subject to the strictest requirements and the highest level of supervision by authorities.<\/li>\n<li><strong>\u201eImportant entities\u201c:<\/strong> Medium-sized organisations and institutions in other important sectors, e.g. postal and courier services, chemical trade, food production, research or manufacturers of goods. Disruption to these sectors would still have a significant impact, even if they are not considered highly critical. They must also implement numerous security measures, albeit with slightly less intensity in some cases. Nevertheless, these companies are now also subject to reporting and supervisory obligations by the BSI. Size no longer protects against regulation \u2013 many previously unregulated companies are now being targeted.<\/li>\n<\/ul>\n<p>For all affected organisations, the German Kritis Regulation (BSI-KritisV) will no longer be the sole benchmark. The old threshold logic (e.g. 500,000 people served) will take a back seat. Instead, the EU requirement will be directly binding: Member States will not be able to define any further exceptions. Organisations should therefore independently check whether they fall under NIS2. Any uncertainties can be clarified through consultation or by contacting the authority (BSI).<\/p>\n<\/div><\/section><\/p><\/div>\n<div  id=\"rechtliche-bedingungen\"  class='flex_column av-9rmz2wn-e7aa2347e3da01cfe4a26b4c8def803b av_one_half  avia-builder-el-39  el_after_av_one_full  el_before_av_one_half  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-9e4jxo7-957d1f615aa1c68fe7763125f420a263\">\n#top .av-special-heading.av-9e4jxo7-957d1f615aa1c68fe7763125f420a263{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-9e4jxo7-957d1f615aa1c68fe7763125f420a263 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-9e4jxo7-957d1f615aa1c68fe7763125f420a263 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-9e4jxo7-957d1f615aa1c68fe7763125f420a263 av-special-heading-h4 blockquote modern-quote  avia-builder-el-40  el_before_av_textblock  avia-builder-el-first'><h4 class='av-special-heading-tag'  itemprop=\"headline\"  >Major organisations<\/h4><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lnohrfwn-bb1bd249e3c10f4a83e75e13f6e0cf04'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><ul>\n<li><strong>Criticality: <\/strong>Essential for the maintenance of important social functions<\/li>\n<li><strong>Requirements:<\/strong> All requirements of the NIS 2 Directive must be implemented.<\/li>\n<li><strong>Sectors of the main organisations:<\/strong>\n<ul data-sourcepos=\"26:5-31:35\">\n<li data-sourcepos=\"26:5-26:22\">Energy<\/li>\n<li data-sourcepos=\"27:5-27:34\">Transport<\/li>\n<li data-sourcepos=\"27:5-27:34\">Banking<\/li>\n<li data-sourcepos=\"27:5-27:34\">Financial market infrastructures<\/li>\n<li data-sourcepos=\"27:5-27:34\">Healthcare<\/li>\n<li data-sourcepos=\"27:5-27:34\">Drinking water<\/li>\n<li data-sourcepos=\"27:5-27:34\">Waste water<\/li>\n<li data-sourcepos=\"27:5-27:34\">Digital infrastructure<\/li>\n<li data-sourcepos=\"27:5-27:34\">Management of ICT services<\/li>\n<li data-sourcepos=\"27:5-27:34\">Public administration<\/li>\n<li data-sourcepos=\"27:5-27:34\">Space<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div>\n<div  id=\"rechtliche-bedingungen\"  class='flex_column av-93tc5zr-394f937b18b8d534e5d7598b58a86de1 av_one_half  avia-builder-el-42  el_after_av_one_half  el_before_av_one_full  flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-u098dz-3daaf6e9d7bc12878d489ec3bf7c656d\">\n#top .av-special-heading.av-u098dz-3daaf6e9d7bc12878d489ec3bf7c656d{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-u098dz-3daaf6e9d7bc12878d489ec3bf7c656d .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-u098dz-3daaf6e9d7bc12878d489ec3bf7c656d .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-u098dz-3daaf6e9d7bc12878d489ec3bf7c656d av-special-heading-h4 blockquote modern-quote  avia-builder-el-43  el_before_av_textblock  avia-builder-el-first'><h4 class='av-special-heading-tag'  itemprop=\"headline\"  >Important organisations<\/h4><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lnohrbj0-86add9f632656b05274f53bfd2ec7aa9'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><ul>\n<li><strong>Criticality: <\/strong>Disruption could nevertheless have a significant impact on important social functions<\/li>\n<li><strong>Requirements:<\/strong> Some requirements of the NIS 2 Directive must be implemented, but not all.<\/li>\n<li><strong>Sectors of the important organisations:<\/strong>\n<ul data-sourcepos=\"26:5-31:35\">\n<li data-sourcepos=\"33:5-33:29\">Postal and courier services<\/li>\n<li data-sourcepos=\"34:5-34:27\">Waste management<\/li>\n<li data-sourcepos=\"34:5-34:27\">Production, manufacture and trade in chemical substances<\/li>\n<li data-sourcepos=\"34:5-34:27\">Production, processing and distribution of food<\/li>\n<li data-sourcepos=\"34:5-34:27\">Manufacturing\/production of goods<\/li>\n<li data-sourcepos=\"35:5-35:31\">Provider of digital services<\/li>\n<li data-sourcepos=\"36:5-37:0\">Research<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div>\n<div  id=\"umsetzung-nis2\"  class='flex_column av-lmrnx5w1-dc2cd6557c6657352a6f958bf073072f av_one_full  avia-builder-el-45  el_after_av_one_half  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lmrex9hs-64e41fad8ad4e5e890926a5052ad247d\">\n#top .av-special-heading.av-lmrex9hs-64e41fad8ad4e5e890926a5052ad247d{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lmrex9hs-64e41fad8ad4e5e890926a5052ad247d .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lmrex9hs-64e41fad8ad4e5e890926a5052ad247d .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-lmrex9hs-64e41fad8ad4e5e890926a5052ad247d av-special-heading-h2 blockquote modern-quote  avia-builder-el-46  el_before_av_heading  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Implementation of the NIS 2 Directive<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lniopi48-f1de0f62b8225ce03cedfc9ca51bb491\">\n#top .av-special-heading.av-lniopi48-f1de0f62b8225ce03cedfc9ca51bb491{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lniopi48-f1de0f62b8225ce03cedfc9ca51bb491 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lniopi48-f1de0f62b8225ce03cedfc9ca51bb491 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-lniopi48-f1de0f62b8225ce03cedfc9ca51bb491 av-special-heading-h3 blockquote modern-quote  avia-builder-el-47  el_after_av_heading  el_before_av_textblock'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Responsible for the implementation of the NIS 2 Directive<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lmrewqbb-49e100ae4a8bb46a6ced8af0d5574c01'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p data-sourcepos=\"1:1-1:427\">The implementation of the NIS 2 Directive is a joint task of the EU member states and the EU Commission. The <strong>EU Commission<\/strong> is responsible for developing the Directive and monitoring its implementation in the Member States.<\/p>\n<p data-sourcepos=\"1:1-1:427\">The <strong>Member states<\/strong> are responsible for transposing the directive into national law and monitoring compliance with the requirements by the organisations concerned.<\/p>\n<p data-sourcepos=\"3:1-3:252\">In Germany this is <strong>Federal Office for Information Security (BSI)<\/strong> is responsible for the implementation of the NIS-2 Directive. The BSI is a higher federal authority responsible for the security of information technology in Germany.<\/p>\n<p data-sourcepos=\"5:1-5:79\">The <strong>BSI has the following tasks<\/strong> as part of the implementation of the NIS 2 Directive:<\/p>\n<ul data-sourcepos=\"7:1-10:0\">\n<li data-sourcepos=\"7:1-7:81\">Development of guidelines and recommendations for the implementation of the directive<\/li>\n<li data-sourcepos=\"8:1-8:96\">Advice and support for the organisations concerned in implementing the directive<\/li>\n<li data-sourcepos=\"9:1-10:0\">Monitoring the implementation of the directive by the organisations concerned<\/li>\n<\/ul>\n<p data-sourcepos=\"13:1-13:104\">The <strong>organisations concerned<\/strong> must implement the defined minimum requirements for cyber security. For implementation and monitoring, the<strong> Management of the organisations concerned<\/strong> responsible. The management can be held liable for inadequate implementation.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-3xm50bb-26ea5a3b7214025090f482d4c9544e26\">\n.flex_column.av-3xm50bb-26ea5a3b7214025090f482d4c9544e26{\npadding:35px 25px 30px 25px;\nbackground-color:#01064a;\nbackground:linear-gradient( to top right, #01064a, #00b3bd );\n}\n<\/style>\n<div  class='flex_column av-3xm50bb-26ea5a3b7214025090f482d4c9544e26 av_one_full  avia-builder-el-49  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lnvfxoxo-3d0b66c6f0192b1e4c934525852d6067\">\n.iconbox.av-lnvfxoxo-3d0b66c6f0192b1e4c934525852d6067 .iconbox_icon{\ncolor:#ffffff;\n}\n.iconbox.av-lnvfxoxo-3d0b66c6f0192b1e4c934525852d6067 .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .iconbox.av-lnvfxoxo-3d0b66c6f0192b1e4c934525852d6067 .iconbox_content_title{\ncolor:#ffffff;\n}\n.iconbox.av-lnvfxoxo-3d0b66c6f0192b1e4c934525852d6067 .iconbox_content_container{\ncolor:#ffffff;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-lnvfxoxo-3d0b66c6f0192b1e4c934525852d6067 av-icon-style-no-border  avia-builder-el-50  el_before_av_textblock  avia-builder-el-first'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-complianceos' data-av_icon='\ue901' data-av_iconfont='complianceos'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Advice on the implementation of the NIS2 Directive\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Advice on the implementation of the NIS2 Directive<\/h3><\/header><div class='iconbox_content_container av_inherit_color'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><br \/>\n<section  class='av_textblock_section av-lnvfycbp-956cea713e08e60cc374e37ee953a148'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><span style=\"color: #ffffff;\">The new EU directive on cyber security becomes law in Germany. Increase the cyber security of your organisation, we support you in the comprehensive implementation of security measures and legal obligations.<\/span><\/p>\n<\/div><\/section><br \/>\n<div  class='avia-buttonrow-wrap av-lofijtly-f9223b8d692cdc1ffa78619b9363e915 avia-buttonrow-left  avia-builder-el-52  el_after_av_textblock  avia-builder-el-last'>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lofihj7r-84f7c754f69f73404029f6cae0d3e487\">\n#top #wrap_all .avia-button.av-lofihj7r-84f7c754f69f73404029f6cae0d3e487{\nbackground-color:#ffffff;\nborder-color:#ffffff;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\nmargin-bottom:5px;\nmargin-right:5px;\n}\n#top #wrap_all .avia-button.av-lofihj7r-84f7c754f69f73404029f6cae0d3e487:hover{\nbackground-color:#00b3bd;\ncolor:#ffffff;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-lofihj7r-84f7c754f69f73404029f6cae0d3e487 .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n#top #wrap_all .avia-button.av-lofihj7r-84f7c754f69f73404029f6cae0d3e487:hover .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/information-security-officer-2'  class='avia-button av-lofihj7r-84f7c754f69f73404029f6cae0d3e487 avia-icon_select-yes-left-icon avia-size-medium'   aria-label=\"Further Information\"><span class='avia_button_icon avia_button_icon_left avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue81f' data-av_iconfont='entypo-fontello' ><\/span><span class='avia_iconbox_title' >Further Information<\/span><\/a>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lofihj7r-14-1298ae9c0c05b9b9c882eb37eb562be9\">\n#top #wrap_all .avia-button.av-lofihj7r-14-1298ae9c0c05b9b9c882eb37eb562be9{\nbackground-color:#00b3bd;\nborder-color:#00b3bd;\ncolor:#ffffff;\ntransition:all 0.4s ease-in-out;\nmargin-bottom:5px;\nmargin-right:5px;\n}\n#top #wrap_all .avia-button.av-lofihj7r-14-1298ae9c0c05b9b9c882eb37eb562be9:hover{\nbackground-color:white;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-lofihj7r-14-1298ae9c0c05b9b9c882eb37eb562be9 .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .avia-button.av-lofihj7r-14-1298ae9c0c05b9b9c882eb37eb562be9:hover .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/events\/demo\/#anmeldung'  class='avia-button av-lofihj7r-14-1298ae9c0c05b9b9c882eb37eb562be9 avia-icon_select-yes-left-icon avia-size-medium'   aria-label=\"Schedule a meeting\"><span class='avia_button_icon avia_button_icon_left avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue875' data-av_iconfont='entypo-fontello' ><\/span><span class='avia_iconbox_title' >Schedule a meeting<\/span><\/a>\n<\/div><\/p><\/div>\n<div  id=\"umsetzung-nis2\"  class='flex_column av-6clv7g7-a18137d8430243bf5b54e5cb8de82d23 av_one_full  avia-builder-el-53  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-5x5lwyf-8b448139bd89c1c3fc19d67ce7ffb081\">\n#top .av-special-heading.av-5x5lwyf-8b448139bd89c1c3fc19d67ce7ffb081{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-5x5lwyf-8b448139bd89c1c3fc19d67ce7ffb081 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-5x5lwyf-8b448139bd89c1c3fc19d67ce7ffb081 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"mindestanforderungen\"  class='av-special-heading av-5x5lwyf-8b448139bd89c1c3fc19d67ce7ffb081 av-special-heading-h3 blockquote modern-quote  avia-builder-el-54  el_before_av_textblock  avia-builder-el-first'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Minimum requirements for cyber security<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-54a57w7-2bb29def558fde597830b1b629ef6949'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The EU NIS2 Directive specifies for essential and important organisations <strong>Minimum requirements for cyber security<\/strong> fixed.<\/p>\n<p><strong>The measures must include at least the following:<\/strong><\/p>\n<ul>\n<li>Concepts relating to risk analysis and security for information systems<\/li>\n<li>Management of security incidents<\/li>\n<li>Business continuity, such as backup management and disaster recovery, and crisis management<\/li>\n<li>Security of the supply chain, including security-related aspects of relationships between individual organisations and their direct suppliers or service providers<\/li>\n<li>Security measures in the acquisition, development and maintenance of network and information systems, including management and disclosure of vulnerabilities<\/li>\n<li>Concepts and procedures for assessing the effectiveness of risk management measures in the area of cyber security<\/li>\n<li>Basic cyber hygiene procedures and cyber security training<\/li>\n<li>Concepts and procedures for the use of cryptography and, where applicable, encryption<\/li>\n<li>Personnel security, concepts for access control and management of systems<\/li>\n<li>Use of multi-factor authentication or continuous authentication solutions, secure voice, video and text communication and, where appropriate, secure emergency communication systems within the organisation.<\/li>\n<\/ul>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-4zy1d2v-8a861befe7b3a4e26b8c93b9720cc578\">\n#top .av-special-heading.av-4zy1d2v-8a861befe7b3a4e26b8c93b9720cc578{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-4zy1d2v-8a861befe7b3a4e26b8c93b9720cc578 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-4zy1d2v-8a861befe7b3a4e26b8c93b9720cc578 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"risikomanagement\"  class='av-special-heading av-4zy1d2v-8a861befe7b3a4e26b8c93b9720cc578 av-special-heading-h3 blockquote modern-quote  avia-builder-el-56  el_after_av_textblock  el_before_av_textblock'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Risk management in accordance with NIS-2<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-g930k7-d5980d990ea675091fa08e416d139614'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The NIS 2 Directive places stricter requirements on the information security of companies and organisations in the EU. This also includes <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/compliance-management-in-the-company-3\"><strong style=\"color: #127db3;\">Risk management measures<\/strong><\/a>. The organisations concerned are obliged to meet the risk management requirements of the NIS 2 Directive.<\/p>\n<p>Risk management is a systematic process for identifying, assessing and dealing with risks. In the area of cyber security, risk management aims to reduce the probability and extent of a cyber attack.<\/p>\n<p><strong>The NIS 2 Directive provides for at least the following risk management measures:<\/strong><\/p>\n<ul>\n<li><strong>Introduction of an information security management system (ISMS)<\/strong>An ISMS is a holistic approach to ensuring information security. It comprises the planning, implementation, monitoring, evaluation and improvement of information security measures.<\/li>\n<li><strong>Regular performance of risk assessments:<\/strong>\u00a0Risk assessments should identify the potential threats and risks to the information security of the company's systems and services.<\/li>\n<li><strong>The implementation of technical and organisational risk mitigation measures:<\/strong>\u00a0The identified risks must be minimised through suitable technical and organisational measures.<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1g1mnr-b6543a92e40267e56c611f85a9d3508f\">\n.flex_column.av-1g1mnr-b6543a92e40267e56c611f85a9d3508f{\npadding:35px 25px 30px 25px;\nbackground-color:#01064a;\nbackground:linear-gradient( to top right, #01064a, #00b3bd );\n}\n<\/style>\n<div  class='flex_column av-1g1mnr-b6543a92e40267e56c611f85a9d3508f av_one_full  avia-builder-el-58  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-c0lwjb-689f448a545bce4bd1498b094b86d980\">\n.iconbox.av-c0lwjb-689f448a545bce4bd1498b094b86d980 .iconbox_icon{\ncolor:#ffffff;\n}\n.iconbox.av-c0lwjb-689f448a545bce4bd1498b094b86d980 .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .iconbox.av-c0lwjb-689f448a545bce4bd1498b094b86d980 .iconbox_content_title{\ncolor:#ffffff;\n}\n.iconbox.av-c0lwjb-689f448a545bce4bd1498b094b86d980 .iconbox_content_container{\ncolor:#ffffff;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-c0lwjb-689f448a545bce4bd1498b094b86d980 av-icon-style-no-border  avia-builder-el-59  el_before_av_textblock  avia-builder-el-first'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-complianceos' data-av_icon='\ue905' data-av_iconfont='complianceos'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Robin Data ComplianceOS\u00ae Compliance field Risk management\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Robin Data ComplianceOS\u00ae Compliance field Risk management<\/h3><\/header><div class='iconbox_content_container av_inherit_color'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><br \/>\n<section  class='av_textblock_section av-2ypd3g7-033e59a890bc6bdca47f29d46da1d334'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><span style=\"color: #ffffff;\">Digitally implement the requirements of NIS2 for your organisation's risk management. With ComplianceOS, you can systematically identify, assess and treat risks and thus reduce the probability and extent of a cyberattack on your organisation.<\/span><\/p>\n<\/div><\/section><br \/>\n<div  class='avia-button-wrap av-2gfpomv-f9e29b471938d35565e1369d52ea218f-wrap avia-button-left  avia-builder-el-61  el_after_av_textblock  avia-builder-el-last'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2gfpomv-f9e29b471938d35565e1369d52ea218f\">\n#top #wrap_all .avia-button.av-2gfpomv-f9e29b471938d35565e1369d52ea218f{\nbackground-color:#00b3bd;\nborder-color:#00b3bd;\ncolor:#ffffff;\nborder-radius:1px 1px 1px 1px;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-2gfpomv-f9e29b471938d35565e1369d52ea218f:hover{\nbackground-color:white;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all.avia-button.av-2gfpomv-f9e29b471938d35565e1369d52ea218f:hover .avia_button_background{\nborder-radius:1px 1px 1px 1px;\n}\n#top #wrap_all .avia-button.av-2gfpomv-f9e29b471938d35565e1369d52ea218f .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .avia-button.av-2gfpomv-f9e29b471938d35565e1369d52ea218f:hover .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/events\/demo\/#anmeldung'  class='avia-button av-2gfpomv-f9e29b471938d35565e1369d52ea218f av-link-btn avia-icon_select-no avia-size-large avia-position-left'   aria-label=\"Schedule a meeting\"><span class='avia_iconbox_title' >Schedule a meeting<\/span><\/a><\/div><\/p><\/div>\n<div  id=\"umsetzung-nis2\"  class='flex_column av-36b228n-b9661ad68cb24889bac7e14fbbc43fbd av_one_full  avia-builder-el-62  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2ff3ixj-cf61f05a293537def314be93752c4896\">\n#top .av-special-heading.av-2ff3ixj-cf61f05a293537def314be93752c4896{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-2ff3ixj-cf61f05a293537def314be93752c4896 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-2ff3ixj-cf61f05a293537def314be93752c4896 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"berichtspflichten\"  class='av-special-heading av-2ff3ixj-cf61f05a293537def314be93752c4896 av-special-heading-h3 blockquote modern-quote  avia-builder-el-63  el_before_av_textblock  avia-builder-el-first'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >Reporting obligations in accordance with NIS2<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-1xtqllj-de5bb83b5bbe8a34de0ccf5d928ba9ca'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p data-sourcepos=\"1:1-1:271\">The NIS2 Directive provides for extensive reporting obligations for the organisations concerned. The reports are intended to provide the competent authorities with an overview of the organisations' information security measures and help them respond to cyber incidents. The reporting obligations apply to all affected organisations, regardless of whether they are classified as significant or important.<\/p>\n<p data-sourcepos=\"3:1-3:56\"><strong>The following reports are required according to NIS2:<\/strong><\/p>\n<ul data-sourcepos=\"5:1-8:0\">\n<li data-sourcepos=\"5:1-5:277\"><strong>Annual Report:<\/strong>\u00a0The annual report should provide an overview of the organisation's information security measures. These include the introduction of an ISMS, the performance of risk assessments and the implementation of risk minimisation measures.<\/li>\n<li data-sourcepos=\"6:1-6:292\"><strong>Reporting of cyber incidents:<\/strong>\u00a0The affected organisation must report cyber incidents to the competent authorities. The report must be made within 24 hours if the incident may have a significant impact on the functioning of the organisation's systems and services.<\/li>\n<li data-sourcepos=\"7:1-8:0\"><strong>Exchange of information on cyber incidents:<\/strong>\u00a0The affected organisation must share information about cyber incidents with other organisations. The exchange of information is intended to improve the response to cyber incidents.<\/li>\n<\/ul>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1k83pp3-40d61e738cfdb5ddba0835c77dc966fa\">\n#top .av-special-heading.av-1k83pp3-40d61e738cfdb5ddba0835c77dc966fa{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-1k83pp3-40d61e738cfdb5ddba0835c77dc966fa .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-1k83pp3-40d61e738cfdb5ddba0835c77dc966fa .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"isms\"  class='av-special-heading av-1k83pp3-40d61e738cfdb5ddba0835c77dc966fa av-special-heading-h2 blockquote modern-quote  avia-builder-el-65  el_after_av_textblock  el_before_av_textblock'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Implementation of an ISMS in preparation for NIS2<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-4iyonr-f5f357d1e9ee8741ffe48fe1a31f5f84'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>There is some overlap between ISO 27001 and NIS2, particularly with regard to the basic principles and security aspects. We therefore recommend the implementation of the ISO 27001 requirements or the implementation of a <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/isms-definition-what-is-an-information-security-management-system\">Information security management system<\/a> in preparation for the German NIS2 Directive.<\/p>\n<p><strong>Risk assessment:<\/strong><br \/>\nBoth standards require a comprehensive risk assessment. ISO 27001 requires organisations to identify and assess information security risks in order to implement appropriate security measures. NIS2 also requires risk assessments to ensure the security of critical services.<\/p>\n<p><strong>Security measures<\/strong>:<br \/>\nBoth ISO 27001 and NIS2 emphasise the implementation of security measures. ISO 27001 defines general security controls and procedures that organisations can apply to ensure their information security. NIS2 sets out specific requirements for critical service providers to ensure that appropriate safeguards are in place.<\/p>\n<p><strong>Protection of confidentiality, integrity and availability:<\/strong><br \/>\nBoth standards aim to ensure the confidentiality, integrity and availability of information. ISO 27001 aims to ensure these objectives for all types of information in an organisation, while NIS2 aims to ensure the availability of critical services in important sectors.<\/p>\n<p><strong>Emergency planning:<\/strong><br \/>\nBoth ISO 27001 and NIS2 emphasise contingency planning. ISO 27001 requires the development of contingency plans to restore information security following security incidents. NIS2 requires critical service providers to develop contingency plans to minimise the impact of cyber-attacks and restore service availability.<\/p>\n<p><strong>Monitoring and improvement:<\/strong><br \/>\nBoth standards emphasise the importance of continuous monitoring and improvement of security measures. ISO 27001 requires regular review and adaptation of the information security management system. NIS2 requires service providers of significant importance to constantly review and update their security measures and processes.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2ltxa5z-1ae3d4c08910a00f563e7f848c37b25b\">\n.flex_column.av-2ltxa5z-1ae3d4c08910a00f563e7f848c37b25b{\npadding:35px 25px 30px 25px;\nbackground-color:#01064a;\nbackground:linear-gradient( to top right, #01064a, #00b3bd );\n}\n<\/style>\n<div  class='flex_column av-2ltxa5z-1ae3d4c08910a00f563e7f848c37b25b av_one_full  avia-builder-el-67  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lnvft3m3-6caa073200ee4a903fa67ac688b98acb\">\n.iconbox.av-lnvft3m3-6caa073200ee4a903fa67ac688b98acb .iconbox_icon{\ncolor:#ffffff;\n}\n.iconbox.av-lnvft3m3-6caa073200ee4a903fa67ac688b98acb .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .iconbox.av-lnvft3m3-6caa073200ee4a903fa67ac688b98acb .iconbox_content_title{\ncolor:#ffffff;\n}\n.iconbox.av-lnvft3m3-6caa073200ee4a903fa67ac688b98acb .iconbox_content_container{\ncolor:#ffffff;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-lnvft3m3-6caa073200ee4a903fa67ac688b98acb av-icon-style-no-border  avia-builder-el-68  el_before_av_textblock  avia-builder-el-first'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-complianceos' data-av_icon='\ue901' data-av_iconfont='complianceos'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Implement ISMS with Robin Data ComplianceOS\u00ae\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Implement ISMS with Robin Data ComplianceOS\u00ae<\/h3><\/header><div class='iconbox_content_container av_inherit_color'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><br \/>\n<section  class='av_textblock_section av-lnvfsmjb-35807b0cd5da0488c327b1ce9233911b'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><span style=\"color: #ffffff;\">Implement the requirements of NIS2 for an information security management system and achieve NIS2 compliance in good time. Robin Data GmbH's external information security officers will help you to develop and monitor an ISMS in close coordination with your management and other responsible parties. <\/span><\/p>\n<\/div><\/section><br \/>\n<div  class='avia-button-wrap av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe-wrap avia-button-left  avia-builder-el-70  el_after_av_textblock  avia-builder-el-last'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe\">\n#top #wrap_all .avia-button.av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe{\nbackground-color:#00b3bd;\nborder-color:#00b3bd;\ncolor:#ffffff;\nborder-radius:1px 1px 1px 1px;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe:hover{\nbackground-color:white;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all.avia-button.av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe:hover .avia_button_background{\nborder-radius:1px 1px 1px 1px;\n}\n#top #wrap_all .avia-button.av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .avia-button.av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe:hover .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/events\/demo\/#anmeldung'  class='avia-button av-nmx25z-cb71222ad43e6ca7b85e012da86eb9fe av-link-btn avia-icon_select-no avia-size-large avia-position-left'   aria-label=\"Schedule a meeting\"><span class='avia_iconbox_title' >Schedule a meeting<\/span><\/a><\/div><\/p><\/div>\n<div  id=\"gf-haftung\"  class='flex_column av-4v7p8vr-1f33e44d2932b57a62fea964982ebf63 av_one_full  avia-builder-el-71  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-min4ad0a-efd8844dfdfdabe525af6a006d8a20bb\">\n#top .av-special-heading.av-min4ad0a-efd8844dfdfdabe525af6a006d8a20bb{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-min4ad0a-efd8844dfdfdabe525af6a006d8a20bb .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-min4ad0a-efd8844dfdfdabe525af6a006d8a20bb .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"sanktionen\"  class='av-special-heading av-min4ad0a-efd8844dfdfdabe525af6a006d8a20bb av-special-heading-h2 blockquote modern-quote  avia-builder-el-72  el_before_av_textblock  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Role of management: Liability makes cybersecurity a top priority<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-3qobiuv-043251672f34e6075ceaef056e5f2d2f'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>One of the most important changes: management is now directly accountable. According to NIS2 (and the BSIG n. F.), board members and managing directors must ensure that cybersecurity measures are implemented and monitored. If they ignore these obligations or fail to take essential precautions, they can be held personally liable. This is a paradigm shift: IT security is no longer just a matter for the IT department, but a central component of good corporate governance.<\/p>\n<p><strong>Specifically, this means<\/strong>Management must provide resources, set up appropriate structures (e.g. CISO or external ISB) and obtain regular reports on the status of information security. The law also requires managers to attend cybersecurity training courses to keep up to date. This makes it clear that cybersecurity is a matter for top management.<\/p>\n<p>This also presents an opportunity for organisations: when senior management prioritises the issue, the overall security culture often improves. Ultimately, the threat of liability serves to encourage a serious approach to cyber security in the face of ever-new threats such as ransomware, state-sponsored hackers and digital sabotage.<\/p>\n<\/div><\/section><\/p><\/div>\n<div  id=\"schutzbedarfsbewertung\"  class='flex_column av-4309nb-ea3f574fb3d8a088bba9309496fa2cd5 av_one_full  avia-builder-el-74  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-4fcftxz-6dea0e7d8939ae6de0dbc44ea5cc246b\">\n#top .av-special-heading.av-4fcftxz-6dea0e7d8939ae6de0dbc44ea5cc246b{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-4fcftxz-6dea0e7d8939ae6de0dbc44ea5cc246b .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-4fcftxz-6dea0e7d8939ae6de0dbc44ea5cc246b .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"sanktionen\"  class='av-special-heading av-4fcftxz-6dea0e7d8939ae6de0dbc44ea5cc246b av-special-heading-h2 blockquote modern-quote  avia-builder-el-75  el_before_av_textblock  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Penalties and sanctions for violation of NIS2<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-2hdiaf-d77c0e0efc2421337b92c9a36cb25619'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p data-sourcepos=\"1:1-1:255\">The NIS2 Directive provides for strict sanctions for violations of the Directive's requirements. The sanctions are intended to motivate companies and organisations to comply with the requirements of the directive and improve cyber security. The competent authorities of the EU member states are responsible for imposing sanctions. The sanctions apply to all affected organisations, regardless of whether they are classified as essential or important.<\/p>\n<p data-sourcepos=\"3:1-3:53\">The following sanctions are possible under NIS2:<\/p>\n<ul data-sourcepos=\"5:1-7:0\">\n<li data-sourcepos=\"5:1-5:162\"><strong>Fines<\/strong>Fines can be imposed in the amount of up to 10 million euros or 2 % of global turnover, whichever is higher.<\/li>\n<li data-sourcepos=\"20:1-20:134\"><strong>Imposing administrative fines:<\/strong>\u00a0Administrative fines of up to 10 million euros can be imposed.<\/li>\n<li data-sourcepos=\"21:1-21:215\"><strong>Arrangement of measures to improve information security:<\/strong>\u00a0The competent authorities can order companies and organisations to take measures to improve information security.<\/li>\n<li data-sourcepos=\"22:1-23:0\"><strong>Closure of facilities:<\/strong>\u00a0In particularly serious cases, facilities may be closed.<\/li>\n<\/ul>\n<p data-sourcepos=\"23:1-23:103\">Here are some <strong>Examples of violations of the NIS2 Directive<\/strong>which can lead to sanctions:<\/p>\n<ul data-sourcepos=\"25:1-30:0\">\n<li data-sourcepos=\"25:1-25:79\">Failure to introduce an information security management system (ISMS)<\/li>\n<li data-sourcepos=\"26:1-26:49\">The failure to carry out risk assessments<\/li>\n<li data-sourcepos=\"27:1-27:69\">Failure to report cyber incidents to the competent authorities<\/li>\n<li data-sourcepos=\"28:1-28:63\">Non-compliance with the requirements for reporting deadlines<\/li>\n<li data-sourcepos=\"29:1-30:0\">The provision of insufficient information when reporting cyber incidents<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div>\n<div  id=\"praxisbeispiele\"  class='flex_column av-min4i93n-3f00e23435d31611cc54f0e126bf25b1 av_one_full  avia-builder-el-77  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-min4f2lx-65a3841b1365d302e9e1b09d7b7dff06\">\n#top .av-special-heading.av-min4f2lx-65a3841b1365d302e9e1b09d7b7dff06{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-min4f2lx-65a3841b1365d302e9e1b09d7b7dff06 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-min4f2lx-65a3841b1365d302e9e1b09d7b7dff06 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"sanktionen\"  class='av-special-heading av-min4f2lx-65a3841b1365d302e9e1b09d7b7dff06 av-special-heading-h2 blockquote modern-quote  avia-builder-el-78  el_before_av_textblock  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Practical examples: Implementation of NIS2 obligations with ISO 27001<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-min4ewqu-a543043119e4d123569505a1e5cfac02'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>How can this be implemented in practice? Here are some practical examples of how ISO 27001 can serve as a framework to help meet NIS2 requirements:<\/p>\n<ul>\n<li><strong>Practical example 1 \u2013 Risk management:<\/strong> A regional <strong>Energy supplier<\/strong> (approx. 200 employees) now falls under NIS2. It is initially setting up ISO 27001-compliant risk management. In workshops, the company identifies its critical assets (e.g. SCADA systems, customer database) and assesses cyber risks such as power failures caused by hacker attacks. <strong>example measure<\/strong>The risk analysis shows that the communications infrastructure has insufficient redundancy. As a countermeasure, a second Internet backbone connection with automatic failover is installed. This structured approach complies with NIS2 requirements for risk analysis and preventive measures. In addition, the utility documents everything in the ISMS, which serves as evidence in a BSI audit.<\/li>\n<li><strong>Practical example 2 \u2013 Incident response &amp; reporting process:<\/strong> A <strong>hospital<\/strong> (500 beds) develops an emergency plan for IT security incidents in accordance with ISO 27001. When a ransomware incident occurs, the incident response plan kicks in: the IT team isolates affected systems, activates data recovery plans and immediately informs the hospital management. Within 24 hours, the management reports the incident to the BSI and the data protection supervisory authority (due to patient records). Thanks to prepared reporting templates and previously practised procedures, this is achieved within the deadline. In the following 72 hours, the hospital prepares a detailed report with technical analyses and measures. This procedure complies exactly with the NIS2 requirements for incident management and shows how an ISO 27001-based process ensures compliance.<\/li>\n<li><strong>Practical example 3 \u2013 Supply chain security<\/strong>: A <strong>engineering company<\/strong> (120 employees) sources specialised parts from various suppliers. Under NIS2, it must ensure that key suppliers have adequate security measures in place. The company therefore integrates a supplier security check into its ISO 27001 ISMS: all critical suppliers are checked annually by means of a questionnaire or on-site audit. Criteria include, for example, whether an ISMS is in place, whether regular penetration tests are carried out, and whether there is an emergency strategy. Suppliers with poor ratings must make improvements within six months, otherwise they risk being replaced. In addition, the machine manufacturer supplements its purchasing contracts with cybersecurity clauses that grant rights to security checks, among other things. In this way, the NIS2 requirement for greater supply chain security is implemented in practice. ISO 27001 provides the control points (Annex A chapter on supplier security) to approach this in a structured manner.<\/li>\n<\/ul>\n<p>These examples illustrate that ISO 27001 offers a proven toolkit for meeting NIS2 requirements in everyday organisational life. Those who are already ISO-certified have already put many pieces of the puzzle in place and can now concentrate on new aspects such as official reporting channels or extended documentation requirements.<\/p>\n<\/div><\/section><\/p><\/div>\n<div  id=\"fazit\"  class='flex_column av-q2wwro-5dfc4d99f763e2f8d1b22db2cccd7bc1 av_one_full  avia-builder-el-80  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lceyjpa6-9b46d05fb98cffcd3d02926f27c5aed7\">\n#top .av-special-heading.av-lceyjpa6-9b46d05fb98cffcd3d02926f27c5aed7{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-lceyjpa6-9b46d05fb98cffcd3d02926f27c5aed7 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-lceyjpa6-9b46d05fb98cffcd3d02926f27c5aed7 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"fazit\"  class='av-special-heading av-lceyjpa6-9b46d05fb98cffcd3d02926f27c5aed7 av-special-heading-h2 blockquote modern-quote  avia-builder-el-81  el_before_av_textblock  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Conclusion: NIS2 realisation picks up speed again<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n<section  class='av_textblock_section av-lceyx3sx-5d670549adecd67e563976247af28e51'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>After months of delays, the German implementation of the NIS2 Directive has now been finalised, without any transition periods. For organisations, the key recommendation remains: <strong>Act now, don't wait:<\/strong><\/p>\n<ul>\n<li>introduce or tighten up an information security management system (ISMS),<\/li>\n<li>are based on ISO\/IEC 27001 or BSI basic protection and<\/li>\n<li>Define clear reporting processes and responsibilities.<\/li>\n<\/ul>\n<p>This enables them to meet regulatory requirements while significantly strengthening their digital resilience.<\/p>\n<\/div><\/section><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1wonouv-c41722c3cef57e7fa122342a488d5aa7\">\n.flex_column.av-1wonouv-c41722c3cef57e7fa122342a488d5aa7{\npadding:35px 25px 30px 25px;\nbackground-color:#01064a;\nbackground:linear-gradient( to top right, #01064a, #00b3bd );\n}\n<\/style>\n<div  class='flex_column av-1wonouv-c41722c3cef57e7fa122342a488d5aa7 av_one_full  avia-builder-el-83  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lofinwt5-84719c7b8349526867219abfc3c87ae7\">\n.iconbox.av-lofinwt5-84719c7b8349526867219abfc3c87ae7 .iconbox_icon{\ncolor:#ffffff;\n}\n.iconbox.av-lofinwt5-84719c7b8349526867219abfc3c87ae7 .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .iconbox.av-lofinwt5-84719c7b8349526867219abfc3c87ae7 .iconbox_content_title{\ncolor:#ffffff;\n}\n.iconbox.av-lofinwt5-84719c7b8349526867219abfc3c87ae7 .iconbox_content_container{\ncolor:#ffffff;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-lofinwt5-84719c7b8349526867219abfc3c87ae7 av-icon-style-no-border  avia-builder-el-84  el_before_av_textblock  avia-builder-el-first'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-complianceos' data-av_icon='\ue901' data-av_iconfont='complianceos'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Achieve NIS2 compliance for your organisation with Robin Data\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Achieve NIS2 compliance for your organisation with Robin Data<\/h3><\/header><div class='iconbox_content_container av_inherit_color'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><br \/>\n<section  class='av_textblock_section av-lofimxbj-ad5e9856261c50e9096162e15845d0d1'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><span style=\"color: #ffffff;\">The new EU directive on cyber security becomes law in Germany. Our consultants implement solutions specifically for the needs of your organisation. From risk and asset management to business continuity concepts and employee training. Together, we implement the requirements of the NIS2 directive step-by-step. Achieve NIS2 compliance for your organisation - book a no-obligation introductory meeting.<\/span><\/p>\n<\/div><\/section><br \/>\n<div  class='avia-buttonrow-wrap av-1t4rs47-56d3dcae696fac9c428008180446d26d avia-buttonrow-left  avia-builder-el-86  el_after_av_textblock  avia-builder-el-last'>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-12fu5qv-a4ce710a9a5221598b91e8583e0dd714\">\n#top #wrap_all .avia-button.av-12fu5qv-a4ce710a9a5221598b91e8583e0dd714{\nbackground-color:#ffffff;\nborder-color:#ffffff;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\nmargin-bottom:5px;\nmargin-right:5px;\n}\n#top #wrap_all .avia-button.av-12fu5qv-a4ce710a9a5221598b91e8583e0dd714:hover{\nbackground-color:#00b3bd;\ncolor:#ffffff;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-12fu5qv-a4ce710a9a5221598b91e8583e0dd714 .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n#top #wrap_all .avia-button.av-12fu5qv-a4ce710a9a5221598b91e8583e0dd714:hover .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/information-security-officer-2'  class='avia-button av-12fu5qv-a4ce710a9a5221598b91e8583e0dd714 avia-icon_select-yes-left-icon avia-size-medium'   aria-label=\"Further Information\"><span class='avia_button_icon avia_button_icon_left avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue81f' data-av_iconfont='entypo-fontello' ><\/span><span class='avia_iconbox_title' >Further Information<\/span><\/a>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2gd2k7-365685bea5c5defc9306fb0966e28535\">\n#top #wrap_all .avia-button.av-2gd2k7-365685bea5c5defc9306fb0966e28535{\nbackground-color:#00b3bd;\nborder-color:#00b3bd;\ncolor:#ffffff;\ntransition:all 0.4s ease-in-out;\nmargin-bottom:5px;\nmargin-right:5px;\n}\n#top #wrap_all .avia-button.av-2gd2k7-365685bea5c5defc9306fb0966e28535:hover{\nbackground-color:white;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-2gd2k7-365685bea5c5defc9306fb0966e28535 .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .avia-button.av-2gd2k7-365685bea5c5defc9306fb0966e28535:hover .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/events\/demo\/#anmeldung'  class='avia-button av-2gd2k7-365685bea5c5defc9306fb0966e28535 avia-icon_select-yes-left-icon avia-size-medium'   aria-label=\"Schedule a meeting\"><span class='avia_button_icon avia_button_icon_left avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue875' data-av_iconfont='entypo-fontello' ><\/span><span class='avia_iconbox_title' >Schedule a meeting<\/span><\/a>\n<\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885\">\n.flex_column.av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885{\nborder-radius:10px 10px 10px 10px;\npadding:50 px 50 px 50 px 50 px;\nbackground-color:#f7f7f7;\n}\n<\/style>\n<div  class='flex_column av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885 av_one_full  avia-builder-el-87  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p><br \/>\n<div  class='av-social-sharing-box av-ka3jmz4x-5dcebd1f09db7c20daac0063288815c9 av-social-sharing-box-default  avia-builder-el-89  el_after_av_codeblock  avia-builder-el-last  av-social-sharing-box-fullwidth'><div class=\"av-share-box\"><h5 class='av-share-link-description av-no-toc'>Do you like the piece? Feel free to share it.<\/h5><ul class=\"av-share-box-list noLightbox\"><li class='av-share-link av-social-link-facebook avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on Facebook\" href='https:\/\/www.facebook.com\/sharer.php?u=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive&#038;t=NIS2%3A%20EU-Richtlinie%20f%C3%BCr%20mehr%20Cybersicherheit' data-av_icon='\ue8f3' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on Facebook'><span class='avia_hidden_link_text'>Share on Facebook<\/span><\/a><\/li><li class='av-share-link av-social-link-twitter avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on X\" href='https:\/\/twitter.com\/share?text=NIS2%3A%20EU-Richtlinie%20f%C3%BCr%20mehr%20Cybersicherheit&#038;url=https:\/\/www.robin-data.io\/en\/?p=16055' data-av_icon='\ue932' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on X'><span class='avia_hidden_link_text'>Share on X<\/span><\/a><\/li><li class='av-share-link av-social-link-linkedin avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on LinkedIn\" href='https:\/\/linkedin.com\/shareArticle?mini=true&#038;title=NIS2%3A%20EU-Richtlinie%20f%C3%BCr%20mehr%20Cybersicherheit&#038;url=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive' data-av_icon='\ue8fc' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on LinkedIn'><span class='avia_hidden_link_text'>Share on LinkedIn<\/span><\/a><\/li><li class='av-share-link av-social-link-mail avia_social_iconfont' ><a  aria-label=\"Share by Mail\" href='mailto:?subject=NIS2%3A%20EU-Richtlinie%20f%C3%BCr%20mehr%20Cybersicherheit&#038;body=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive' data-av_icon='\ue805' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share by Mail'><span class='avia_hidden_link_text'>Share by Mail<\/span><\/a><\/li><\/ul><\/div><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d\">\n.flex_column.av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d av_one_full  avia-builder-el-90  el_after_av_one_full  avia-builder-el-last  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  class='av_textblock_section av-kaqhth2e-c0ce0e9fc51ca4569850f4a16f47c8e1'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 style=\"text-align: center;\">This might interest you too:<\/h3>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kaqhpdsy-c149d804dc26de4da98e9603962fa194\">\n#top .hr.hr-invisible.av-kaqhpdsy-c149d804dc26de4da98e9603962fa194{\nheight:25px;\n}\n<\/style>\n<div  class='hr av-kaqhpdsy-c149d804dc26de4da98e9603962fa194 hr-invisible  avia-builder-el-92  el_after_av_textblock  el_before_av_blog'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<div  data-slideshow-options=\"{&quot;animation&quot;:&quot;fade&quot;,&quot;autoplay&quot;:false,&quot;loop_autoplay&quot;:&quot;once&quot;,&quot;interval&quot;:5,&quot;loop_manual&quot;:&quot;manual-endless&quot;,&quot;autoplay_stopper&quot;:false,&quot;noNavigation&quot;:false,&quot;show_slide_delay&quot;:90}\" class='avia-content-slider avia-content-grid-active avia-content-slider1 avia-content-slider-odd  avia-builder-el-93  el_after_av_hr  avia-builder-el-last  av-slideshow-ui av-control-default   av-no-slider-navigation av-slideshow-manual av-loop-once av-loop-manual-endless'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Blog\" ><div class=\"avia-content-slider-inner\"><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-16231 slide-entry-overview slide-loop-1 slide-parity-odd  av_one_third first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/definition-audit-management-and-audit-management-software' data-rel='slide-1' class='slide-image' title='Manage audits efficiently'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"341\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150650\/Zusammenarbeit-1-495x341.jpg\" class=\"wp-image-14089 avia-img-lazy-loading-not-14089 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Manage audits efficiently\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/definition-audit-management-and-audit-management-software' title='Manage audits efficiently'>Manage audits efficiently<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/wiki\" rel=\"tag\">Wiki<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Understanding and implementing audit management: Step-by-step explanation, background information, examples and definitions. Read now!<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/definition-audit-management-and-audit-management-software\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2023-10-26T11:11:12+02:00\" >26 October 2023<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/definition-audit-management-and-audit-management-software#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150650\/Zusammenarbeit-1.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>341<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2025-11-13T17:46:49+01:00\" >2023-10-26 11:11:12<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-03-24 15:59:45<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Manage audits efficiently<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-16023 slide-entry-overview slide-loop-2 slide-parity-even  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/asset-management-and-asset-management-system' data-rel='slide-1' class='slide-image' title='Asset management: Practical implementation'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"343\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150313\/Dokumentationspflichten-495x343.jpg\" class=\"wp-image-14057 avia-img-lazy-loading-not-14057 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Asset management: Practical implementation\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/asset-management-and-asset-management-system' title='Asset management: Practical implementation'>Asset management: Practical implementation<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/wiki\" rel=\"tag\">Wiki<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Efficient asset management: structure, implementation, example for classes and categories, protection needs assessment. Read now!<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/asset-management-and-asset-management-system\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2023-09-21T09:39:50+02:00\" >21 September 2023<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/asset-management-and-asset-management-system#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150313\/Dokumentationspflichten.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>343<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2025-11-13T17:46:49+01:00\" >2023-09-21 09:39:50<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-03-24 13:40:59<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Asset management: Practical implementation<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-15936 slide-entry-overview slide-loop-3 slide-parity-odd  post-entry-last  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/compliance-management-in-the-company-6' data-rel='slide-1' class='slide-image' title='Environmental management according to ISO 14001'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"343\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150316\/Energie-und-Umwelt-495x343.jpg\" class=\"wp-image-14059 avia-img-lazy-loading-not-14059 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: Environmental management according to ISO 14001\"><h3 class='slide-entry-title entry-title'  itemprop=\"headline\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/compliance-management-in-the-company-6' title='Environmental management according to ISO 14001'>Environmental management according to ISO 14001<\/a><\/h3><span class=\"blog-categories minor-meta\"><a href=\"https:\/\/www.robin-data.io\/en\/category\/data-protection-and-data-security-academy\/wiki\" rel=\"tag\">Wiki<\/a> <\/span><span class=\"av-vertical-delimiter\"><\/span><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Environmental management according to ISO 14001: structure, implementation, example of measures and requirements Environmental management system. Read now!<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/compliance-management-in-the-company-6\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2023-09-07T10:53:09+02:00\" >7 September 2023<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/compliance-management-in-the-company-6#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150316\/Energie-und-Umwelt.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>343<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2025-11-13T17:46:49+01:00\" >2023-09-07 10:53:09<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-03-24 13:40:56<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>Environmental management according to ISO 14001<\/span><\/span><\/span><\/article><\/div><\/div><\/div><\/p><\/div>","protected":false},"excerpt":{"rendered":"<p>What does the NIS-2 Directive mean for organisations in Germany? Implementation obligations, sanctions, tips for implementation.<\/p>","protected":false},"author":3,"featured_media":14055,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[95,122],"class_list":["post-16055","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-aktuelles","tag-einfuehrung"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.8 (Yoast SEO v26.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>NIS2: Die neuesten Entwicklungen und Updates<\/title>\n<meta name=\"description\" content=\"Was bedeutet die NIS-2-Richtlinie f\u00fcr Organisationen in Deutschland? Umsetzungspflichten, Sanktionen, Tipps zur Umsetzung. Jetzt lesen!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NIS2: EU-Richtlinie f\u00fcr mehr Cybersicherheit\" \/>\n<meta property=\"og:description\" content=\"Was bedeutet die NIS-2-Richtlinie f\u00fcr Organisationen in Deutschland? Umsetzungspflichten, Sanktionen, Tipps zur Umsetzung. Jetzt lesen!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive\" \/>\n<meta property=\"og:site_name\" content=\"Robin Data GmbH\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/robindatade\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T16:46:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-03T13:21:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"685\" \/>\n\t<meta property=\"og:image:height\" content=\"343\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Caroline Schwabe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:site\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Caroline Schwabe\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"24 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie\"},\"author\":{\"name\":\"Caroline Schwabe\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"headline\":\"NIS2: EU-Richtlinie f\u00fcr mehr Cybersicherheit\",\"datePublished\":\"2025-11-13T16:46:49+00:00\",\"dateModified\":\"2025-12-03T13:21:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie\"},\"wordCount\":19786,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"keywords\":[\"Aktuelles\",\"Einf\u00fchrung\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#respond\"]}]},{\"@type\":[\"WebPage\",\"ItemPage\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie\",\"url\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie\",\"name\":\"NIS2: Die neuesten Entwicklungen und Updates\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"datePublished\":\"2025-11-13T16:46:49+00:00\",\"dateModified\":\"2025-12-03T13:21:10+00:00\",\"author\":{\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"description\":\"Was bedeutet die NIS-2-Richtlinie f\u00fcr Organisationen in Deutschland? Umsetzungspflichten, Sanktionen, Tipps zur Umsetzung. Jetzt lesen!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage\",\"url\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"contentUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg\",\"width\":685,\"height\":343},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/www.robin-data.io\/startseite\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NIS2: EU-Richtlinie f\u00fcr mehr Cybersicherheit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.robin-data.io\/#website\",\"url\":\"https:\/\/www.robin-data.io\/\",\"name\":\"Robin Data GmbH\",\"description\":\"Robin Data ComplianceOS\u00ae Das Compliance Operating System\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.robin-data.io\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\",\"name\":\"Caroline Schwabe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"caption\":\"Caroline Schwabe\"},\"description\":\"Frau Schwabe ist Informationsdesignerin und Datenschutzbeauftragte. Der Schwerpunkt ihrer Arbeit liegt darin, Kunden und Interessenten mit Beitr\u00e4gen in der Robin Data Datenschutz-Akademie weiterzuhelfen.\",\"url\":\"https:\/\/www.robin-data.io\/en\/author\/csc\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"NIS2: The latest developments and updates","description":"What does the NIS 2 Directive mean for organisations in Germany? Implementation obligations, sanctions, tips for implementation. Read now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive","og_locale":"en_GB","og_type":"article","og_title":"NIS2: EU-Richtlinie f\u00fcr mehr Cybersicherheit","og_description":"Was bedeutet die NIS-2-Richtlinie f\u00fcr Organisationen in Deutschland? Umsetzungspflichten, Sanktionen, Tipps zur Umsetzung. Jetzt lesen!","og_url":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive","og_site_name":"Robin Data GmbH","article_publisher":"https:\/\/www.facebook.com\/robindatade\/","article_published_time":"2025-11-13T16:46:49+00:00","article_modified_time":"2025-12-03T13:21:10+00:00","og_image":[{"width":685,"height":343,"url":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","type":"image\/jpeg"}],"author":"Caroline Schwabe","twitter_card":"summary_large_image","twitter_creator":"@RobinData_DE","twitter_site":"@RobinData_DE","twitter_misc":{"Written by":"Caroline Schwabe","Estimated reading time":"24 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#article","isPartOf":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie"},"author":{"name":"Caroline Schwabe","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"headline":"NIS2: EU-Richtlinie f\u00fcr mehr Cybersicherheit","datePublished":"2025-11-13T16:46:49+00:00","dateModified":"2025-12-03T13:21:10+00:00","mainEntityOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie"},"wordCount":19786,"commentCount":0,"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","keywords":["Aktuelles","Einf\u00fchrung"],"articleSection":["News"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#respond"]}]},{"@type":["WebPage","ItemPage"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie","url":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie","name":"NIS2: The latest developments and updates","isPartOf":{"@id":"https:\/\/www.robin-data.io\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage"},"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","datePublished":"2025-11-13T16:46:49+00:00","dateModified":"2025-12-03T13:21:10+00:00","author":{"@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"description":"What does the NIS 2 Directive mean for organisations in Germany? Implementation obligations, sanctions, tips for implementation. Read now!","breadcrumb":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#primaryimage","url":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","contentUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg","width":685,"height":343},{"@type":"BreadcrumbList","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/news\/nis-2-richtlinie#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.robin-data.io\/startseite"},{"@type":"ListItem","position":2,"name":"NIS2: EU-Richtlinie f\u00fcr mehr Cybersicherheit"}]},{"@type":"WebSite","@id":"https:\/\/www.robin-data.io\/#website","url":"https:\/\/www.robin-data.io\/","name":"Robin Data GmbH","description":"Robin Data ComplianceOS\u00ae The Compliance Operating System","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.robin-data.io\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5","name":"Caroline Schwabe","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","caption":"Caroline Schwabe"},"description":"Ms. Schwabe is an information designer and Data Protection Officer. The focus of her work is to help customers and interested parties with contributions to the Robin Data Privacy Academy.","url":"https:\/\/www.robin-data.io\/en\/author\/csc"}]}},"_links":{"self":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/16055","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/comments?post=16055"}],"version-history":[{"count":70,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/16055\/revisions"}],"predecessor-version":[{"id":16136,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/16055\/revisions\/16136"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media\/14055"}],"wp:attachment":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media?parent=16055"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/categories?post=16055"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/tags?post=16055"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}