Exclusive expert tips, customer stories and more.
If companies belong to the so-called critical infrastructures (CRITIS), they are regulated by law with regard to cyber security, for example
In Germany, this law is called the "IT Security Act" (version 2.0 since 2022), which is an article law that amends the "individual law" relevant to CRITIS, namely the BSI Act, or BSIG for short.
With the IT Security Act 2.0 or the amended BSIG, the obligations for German CRITIS operators have become even more stringent. The group of companies affected has also increased due to new definitions and threshold values.
In our view, with the IT Security Act 2.0, Germany, as with the NIS 1 Directive, has "pre-empted" the NIS 2 Directive in terms of content and time. The strict IT Security Act 2.0 should already have implemented large parts of the new NIS-2 Directive. The missing parts would then possibly be transposed into national law in an IT Security Act 3.0 or in the planned CRITIS umbrella law. The same implementation scenario is also considered likely for the EU RCE Directive on the resilience of critical entities, the CER Directive.
All regulations on CRITIS cyber security are always about ensuring appropriate organisational and technical precautions to prevent disruptions to the
of information technology systems, components or processes. These must correspond to the current state of the art in order to achieve a high level of security of network and information systems.
In Germany, since 2022, in addition to the CRITIS operators, manufacturers and upstream suppliers must also optionally submit a guarantee declaration / trustworthiness check for critical components in accordance with § 9b paragraph (3) BSIG.
Dallmeier products and solutions have the highest level of technical precautions and functions that enable customers and CRITIS operators to implement cybersecurity-compliant video security solutions.
Dallmeier stands for the highest level of security in terms of law and compliance, data protection and cybersecurity:
EU NIS-2 cybersecurity directive in force since November 2022:
EU Critical Infrastructure Resilience Directive in force since November 2022: