NIS2 – Impacts on the Supply Chain

Germany’s NIS2 Implementation and Cybersecurity Strengthening Act (NIS2UmsuCG) is expected to come into force in spring 2025. This new regulation will have significant implications for service provider contracts and cybersecurity. Companies should not wait passively but actively prepare to comply with the legal requirements. This article outlines how NIS2 will affect future service provider contracts for regulated entities and what…

weiterlesen

NIS2: Who is affected, and what needs to be done?

After our first blog article (April 2024) on the new EU NIS2 Guidline dealt with the basics, differences to NIS1, and the legislative situation, we will this time focus on the following topics: What criteria are used to categorize companies that operate critical infrastructure? What sanctions are potentially possible? What measures, especially in the area…

weiterlesen

The Outsourcing of IT security services

When it comes to outsourcing IT services—particularly commodity services such as data centre operations or workplace management—there is a wealth of experience. As a result, it has become common practice to delegate parts of IT operations to external service providers. However, many organisations remain hesitant about outsourcing IT security services due to the perceived high…

weiterlesen