#NIS2
Explore tagged Tumblr posts
vorest-ag · 20 days ago
NIS-2 Directive: Is your company affected?
Last week we gave you an overview of the NIS-2 Directive; now we are going one step further. In our latest YouTube video we show which companies are affected by NIS-2.
You will learn: ✔︎ Which sectors and company sizes fall under NIS-2 ✔︎ Which categories & thresholds are decisive ✔︎ Why not only large corporations but also many medium-sized companies have to act
From 2024, a new level of security applies throughout the EU, in particular for operators of critical infrastructure (KRITIS) such as in the energy, water or health sectors. Many German companies are also directly affected.
Watch the new video now: NIS-2 Directive - who is affected?
And in case you missed the first part: you can find the introductory video on the NIS-2 Directive directly on the VOREST AG YouTube channel!
0 notes
nrgnews-it · 1 month ago
European Digital Sovereignty: Between Cloud Dependencies and the Startup Push, the Way Forward Is Efficient Edge Intelligence
0 notes
tecnologiasemergentes · 4 months ago
The NIS2 Directive (Network and Information Security Directive) plays a crucial role in the cybersecurity landscape in the European Union (EU).
Reinforcement of Security Measures: NIS2 aims to strengthen cyber security and resilience measures to protect critical infrastructure and essential services. It covers a wide range of sectors, including healthcare, energy, transportation, postal services, and more.
Increased Responsibility: The directive increases the responsibility of organizations by requiring them to implement robust cybersecurity measures. This includes risk management, incident reporting, business continuity and employee training.
Supervision and Sanctions: NIS2 strengthens supervisory powers and introduces more severe sanctions for non-compliance with security obligations. Fines can reach 10 million euros or 2% of global turnover, whichever is greater.
Preparation for the New Reality: Organizations need to prepare for the new reality imposed by NIS2, adopting rigorous risk management methodologies and ensuring compliance with the new regulations.
Impact on Business: The directive has a significant impact on businesses, especially those providing essential or important services.
Companies need to adjust their policies and practices to meet new cybersecurity requirements. NIS2 is an important step towards strengthening cybersecurity in the EU and protecting against the growing risks of cybercrime and IT failures.
#nis2 #eu #cybersecurity
0 notes
meritabiz · 4 months ago
Find out everything you need to know about legal obligations, CRM, ERP and business management software! In this episode of Merita, we explore the legal aspects of tools that are indispensable for companies, such as data management, compliance with GDPR and privacy regulations, and contracts with software vendors. With us is a very special guest: Prof. Avv. Gianluigi Fioriglio, an expert in legal informatics and university lecturer at the University of Modena and Reggio Emilia. We will talk about:
How to ensure GDPR compliance when implementing CRM and management software.
The challenges of privacy by design and privacy by default.
The importance of reading contracts with vendors, including unfair terms and lock-in risks.
Managing sensitive data and business contacts, including in cases of theft or breach by employees.
Regulations such as NIS2 and their growing impact on companies.
Are you sure your CRM complies with all regulations and adequately protects your data? Leave nothing to chance! 👉 Leave a comment or contact us to explore these topics further. 📩 You will find all the links and the form to book a consultation below. 👉 https://www.merita.biz/prof-fioriglio
0 notes
sysadminnid · 6 months ago
"All NIS2 requirements must be implemented before the end of the year"
0 notes
bdpst24 · 8 months ago
GDPR was nothing compared to this: the deadline for setting up the NIS2 framework is approaching
The extra administration may mean significant costs for companies. Due to increasingly frequent cyber threats, the European Union formulated the NIS2 cybersecurity directive back in January 2023, which affects several thousand companies in our country alone. Hungary was among the first EU member states to issue the relevant law, under which companies have until the end of this year, December 31, to…
0 notes
nis2 · 8 months ago
NIS2 (Network and Information Systems Directive 2) is an EU regulation designed to strengthen cybersecurity across member states. It aims to enhance resilience and security for critical sectors by improving risk management, incident reporting and cooperation between national authorities. NIS2 expands on the original directive, focusing on safeguarding essential digital infrastructure! https://nis2konform.de/en
1 note · View note
innovabilita · 8 months ago
SECURITY MADE IN ITALY and NIS2
The security of our data rests on a new conception of compliance-by-design
From October 2024, NIS2 will put cybersecurity first for every value ecosystem. Digital transformation has changed the way we live, making us dependent on increasingly complex IT systems that expose companies, large and small, to increasingly sophisticated cyber risks. In this context the NIS2 directive [2022], in force from October 2024, marks a…
0 notes
solarpunkbusiness · 24 days ago
Are solar power systems prone to cyberattacks?
“Like any technological revolution, digitalisation presents incredible opportunity, for example, energy system cost savings of €160 billion per year,”
“It also comes with new challenges, like cybersecurity. We didn’t need anti-virus protection for a typewriter - but we do need it for our laptops. As a responsible, forward-looking sector, we have mapped the cybersecurity challenge, and we’re rising to meet it with clear, comprehensive solutions.”
The report, written by risk management organisation DNV.
Europe’s move away from an energy system dependent on a few high-impact targets to a more decentralised system offers clear energy security benefits, the report states. Ukraine has learnt this in a particularly brutal way, following repeated cyberattacks on its power grid by Russia.
But to realise these benefits, cybersecurity laws, which focus on old, centralised infrastructure, need to be updated, the experts say. New legislation must address the specific security needs of distributed energy sources, like smaller rooftop solar installations.
Though on a much smaller scale than the strikes on other parts of the energy sector, the solar sector has faced attacks and interference, too.
In 2023, a group of Romanian solar customers modified mandatory inverter settings - which convert DC electricity generated by panels into the AC electricity used by homes - to disable the voltage-active power function. 
This function is required by the grid operators to reduce active power at high grid voltage, in order to keep the power system running efficiently and safely. 
Modifying this grid support function enabled the customers to make more money by not limiting their solar systems during high-voltage events, potentially jeopardising grid integrity as a result.
In a more pernicious incident, pro-Russian hacktivist group Just Evil stole credentials for 22 client sites in Lithuania and posted them on the Dark Web last year. This opened up access to the management portal of these solar sites, although access was not used to carry out further attacks on that occasion. 
Analysing risk, the report found that these large utility-scale solar installations are more secure, since they are often managed by experienced utilities and covered by the EU’s Network and Information Security (NIS2) Directive.
Small-scale solar systems, meanwhile, which are often rooftop installations on people’s homes or businesses, lack strict cyber rules. They are connected to the clouds of manufacturers, installers, or service providers. 
And while the impact of compromising a single installation is low, when grouped together for power system efficiency, they become virtual power plants of significant scale.
10 notes · View notes
ericvanderburg · 8 months ago
Most EU Nations to Miss Upcoming NIS2 Deadline
http://securitytc.com/TFLN84
2 notes · View notes
moose-mousse · 1 year ago
So I got an email at work telling me to change my password... because I must do that every 2 months...
That is... known security theater (the security word for "scam"). This, in combination with admin by request (as in, I must give a written explanation for why I want to use my PC) and us having NO clue how our own protocols work, means I am now 100% certain that whoever does our security has no idea what they are doing... and that we have no system in place that can do ANY sanity check if the security people know what they are doing...
In other news, I soon have a meeting with my boss where he wants to know how it is going. That is going to be FUN! I am putting a PRESENTATION together!
I consider my job to be "Create value for the company". And that involves telling the company when they are being idiotic.
Maybe the company already knows? No. They need to start getting NIS2 certified in August... and they think that they are ready for that, and it will be an easy thing to do...
3 notes · View notes
vorest-ag · 29 days ago
The NIS-2 Directive - What is behind it?
Perhaps you have already come across the NIS-2 Directive in recent months, but do you also know what is behind it?
Our new YouTube video on the NIS-2 Directive sums up the basics for you:
🔹 How the NIS-2 Directive came about and what its background is 🔹 What goals the EU is pursuing with this directive 🔹 Why NIS-2 is so relevant for companies and organisations
The "Network and Information Systems Directive 2" sets new requirements for cybersecurity, with the aim of better protecting critical infrastructure in Europe.
Want to dig deeper? Then take a look at our knowledge page on NIS-2 and the changed requirements.
Wondering whether your company is affected? Then stay tuned: next week you will find out more!
0 notes
f-acto · 14 days ago
How does ISO 22301 certification align with Danish and EU risk management laws?
ISO 22301 Certification in Denmark. In the current era of growing cyber-attacks as well as supply chain disruptions and climate-related events, business continuity planning is more essential than ever. For businesses that are located in Denmark or across the EU, ISO 22301 certification is a strong structure that can help with compliance with the law and also provides risk resilience.
How exactly does ISO 22301 align with Danish and European Union risk management regulations? Let’s look at it in detail.
What is ISO 22301?
ISO 22301:2019 is the internationally recognised  Business Continuity Management Systems (BCMS) standard. It offers a framework for planning, responding to, and recovering from disruption events to keep running critical operations.
ISO 22301 and Danish Risk Management Laws
Denmark has national expectations for resilience of organisations, especially in the most critical areas such as:
Energy
Finance
Healthcare
Transportation
IT services provided by the government
Key Alignments to Danish Regulations:
Operational Resilience Standards
The Danish Business Authority (Erhvervsstyrelsen) and the Danish Energy Agency (Energistyrelsen) focus on continuity and risk assessment. ISO 22301 aligns with these by:
Requiring business impact analysis (BIA)
Documenting recovery and continuity procedures
Ensuring accountability and oversight of the executive
Frameworks for Crisis Management
Danish officials typically require contingency planning regarding licensing or tenders for public tenders, especially for defence and infrastructure. ISO 22301 strengthens bids by showing readiness.
Security and Resilience of IT
The Danish Centre for Cyber Security (CFCS) promotes cybersecurity preparedness for cyber incidents. ISO 22301 works alongside ISO 27001 to help businesses deal with cyber-related risks and widespread operational disruptions.
ISO 22301 and EU Risk Management Laws
1. EU General Data Protection Regulation (GDPR)
Article 32 of the GDPR requires companies to take measures to ensure the stability and reliability of their processing systems. ISO 22301 complements this by:
Implementing IT continuity procedures
This includes data backups and disaster strategies for recovery.
In support of GDPR-compliant incident response
2. EU NIS2 Directive
In the NIS2 Directive (Network and Information Security Directive), Essential and vital entities (e.g. finance, energy, healthcare) must:
Control operational and cybersecurity risks.
Make sure critical services are available.
Send serious incidents to regulators.
ISO 22301 provides a ready-made framework to meet the requirements of ISO 22301, which include:
Risk assessments
Recovery time goals (RTOs)
Response plans that are documented
Danish companies operating under NIS2 must exhibit the use of risk management techniques — ISO 22301 is a strategic advantage for ensuring compliance.
3. EU Civil Protection and Critical Infrastructure Resilience
ISO 22301 is aligned with other EU strategies, such as Critical Infrastructure Protection (CIP) and emergency management, by requiring companies to:
Identify essential services
Ensure continuity even in the most stressful scenarios
Respond in coordination with stakeholders from outside
Benefits of Alignment
Increased compliance with the law and regulations.
Procurement and tendering processes are streamlined.
Improved relationships with regulators and other stakeholders, better prepared for audits and inspections.
Less legal liability in the event of a crisis
Why choose Factocert for ISO 22301 Certification in Denmark?
We provide the best ISO 22301 certification consultants in Denmark, who are very knowledgeable and provide you with the best solution. And to know how to get ISO 22301 certification in Denmark, kindly reach us at [email protected]. ISO 22301 Certification consultants follow the guidelines set by the International Organization for Standardization and help the organization to implement ISO 22301 certification in Denmark in an easy way with proper documentation and audit.
For more information visit: ISO 22301 Certification in Denmark.
0 notes
germancircle · 21 days ago
0 notes
nimilphilip · 23 days ago
Business Continuity and Availability Programs in Germany: A Niche Yet Growing Field
From cyber threats and pandemics to supply chain disruptions and natural disasters, companies in a world economy characterised by uncertainty confront an always growing variety of difficulties. Business Continuity (BC) and Availability Programs have become important tools as companies try to protect operations. Although these areas have long been acknowledged in nations like the US and UK, Germany is now seeing an increase in awareness and need, thus this is a specialised but fast expanding sector.
Understanding Business Continuity and Availability
Business Continuity is the strategic and logistical planning guaranteeing vital business operations can carry on during and after a disturbance. It involves:
Risk assessment and mitigation
Crisis management planning
IT disaster recovery
Communication strategies
Employee preparedness
Availability, on the other hand, is concerned with making sure IT systems, applications, and services are accessible when required. It addresses:
System uptime and resilience
Redundancy and failover systems
Service Level Agreements (SLAs)
High-availability architectures
These systems, when used together, seek to improve organisational resilience, guarantee low downtime, and safeguard long-term corporate viability.
Why Germany is Ramping Up Interest in BC and Availability Programs
Germany is known for its engineering excellence, robust manufacturing sector, and high-quality standards. Physical production systems are more and more linked to IT systems in today's digital era, therefore generating new vulnerabilities. Here is the reason BC and availability are becoming more popular in Germany:
1. Digital Transformation and Industry 4.0
Germany is a leader of Industry 4.0, the incorporation of cyber-physical systems into manufacturing. The danger of IT failures grows more significant as factories digitalise. System outages or cyberattacks can stop manufacturing lines, therefore costing millions. To prevent such interruptions, companies are now spending on continuity planning.
2. Regulatory and Compliance Pressure
EU-level rules such as the General Data Protection Regulation (GDPR) and NIS2 Directive stress data security and infrastructure resiliency. German companies have to follow stricter policies to guarantee data integrity and service availability, which will drive more need for official BC programs.
3. Rise in Cyber Threats
Cyberattacks aimed at private enterprises as well as public infrastructure have significantly increased in Germany. Particularly ransomware, the German Federal Office for Information Security (BSI) noted an all-time high in cyber incidents for 2024. These occurrences have caused businesses to reconsider their preparedness and have driven them towards official continuity systems.
4. Pandemic Lessons
The COVID-19 epidemic was a real-time case study in continuity failure and success. Remote work, supply chain interruptions, and customer service disruptions drew attention to the need of improved preparation and motivated companies to support BC initiatives as a long-term protection.
Academic Pathways and Training in Germany
The academic and professional training system surrounding a field expands as it develops. Though Business Continuity is not yet popular as a separate academic subject in Germany, several universities and organisations are starting to provide specialised courses in this field.
Top Universities and Programs
Technische Universität München (TUM)
Part of its Master's in Management & Technology, Technische Universität München (TUM) provides electives in IT Security and Resilience. It addresses business continuity in digital companies.
Hasso Plattner Institute, University of Potsdam
With courses that address disaster recovery and availability engineering, Hasso Plattner Institute, University of Potsdam provides advanced training in IT systems engineering and cyber resilience.
Frankfurt School of Finance & Management
Preparing students to run large-scale disturbances, their MBA and executive programs include courses in risk management and operational resilience.
IU International University of Applied Sciences
Renowned for its adaptable learning routes, IU provides courses in Cyber Security and IT Management, which cover concepts of business continuity.
RWTH Aachen University
Courses in engineering and business integration at RWTH Aachen University usually stress process dependability and risk analysis, two key components of availability planning.
Professional Certifications Available in Germany
Professionals may seek internationally acknowledged certificates to augment academic knowledge, such as:
Certified Business Continuity Professional (CBCP)
ISO 22301 Lead Implementer
ITIL for Service Availability Management
Certified Information Systems Security Professional (CISSP) with BC domains
German universities or foreign organisations with a German presence are increasingly providing these certifications.
Career Opportunities in the Field
Career opportunities in Business Continuity and Availability are increasing as awareness and control rise. Different industries are increasingly in need:
Key Sectors Hiring BC Professionals in Germany
Banking and Financial Services: Regulatory compliance calls for thorough resilience and disaster recovery strategies.
Manufacturing and Automotive: In automated settings, high-availability systems are absolutely vital.
Healthcare and Pharma: Patient care depends on data protection and service availability in healthcare and pharma.
IT and Telecommunications: These businesses themselves offer the backbone for continuity services.
Public Sector and Utilities: National infrastructure calls for certain uptime and crisis management strategies.
Job Roles Include:
Business Continuity Manager
Disaster Recovery Analyst
IT Availability Engineer
Risk and Resilience Consultant
Crisis Communications Manager
Operational Risk Analyst
Depending on experience and specialisation, the average annual pay for professionals in this field in Germany runs from €55,000 to €95,000.
German Companies Leading the Way
Among them are several prominent German and foreign businesses based in Germany that have begun to formalise continuity initiatives:
Siemens: As part of its worldwide operations, Siemens runs a thorough continuity and resilience system.
Deutsche Bank: Regulatory pressure in the banking sector drives Deutsche Bank to invest significantly in continuity planning.
BASF: With facilities all over the world, BASF includes operational resilience into its supply chain strategy.
SAP: Practices what it preaches and includes business continuity solutions in its product line.
Often leading by example for mid-sized businesses and startups, these organisations help to drive industry expansion even more.
Challenges and the Road Ahead
Though encouraging, there are obstacles to be overcome to completely mainstream BC and availability initiatives in Germany.
1. Lack of Awareness in SMEs
Although big companies are spending in continuity, small and medium businesses (SMEs), which are the foundation of the German economy, usually lack both knowledge and means to carry out thorough initiatives.
2. Skill Gap
A lack of professionals qualified in both IT systems and strategic risk planning produces a skill gap. Bridging this gap calls for improved integration of continuity ideas into current academic courses.
3. Evolving Threat Landscape
Continuity programs have to change as threats get more complex. Plans based on physical disturbances have to grow to include cyber and digital hazards, which call for more technical and quick reactions.
Conclusion
Germany is on the verge of a significant change in how it views and applies Business Continuity and Availability Programs. Once regarded as a niche sector, this one is now picking up speed as a strategic pillar in digital transformation and risk management. Germany is rapidly becoming a hotspot for education and jobs in this field given rising cybersecurity concerns, strict compliance standards, and a national drive towards resilient infrastructure.
Now is the perfect time to investigate academic and professional prospects in this changing sector for students and professionals looking ahead.
Clifton Study Abroad is dedicated to assisting you in finding the appropriate programs, colleges, and career paths complementing your interests in Risk Management, IT Resilience, and Business Continuity. Our knowledgeable advisors are here to guide you at every stage, whether your goals are professional certification, master's degree, or industry placement in Germany.
Clifton Study Abroad can help you study in Germany to begin your path towards a resilient future.
0 notes
blue-headline · 27 days ago
⏳ Only 24 hours.
That’s how long critical EU-based companies now have to report a major cyber breach under the new NIS2 Directive and Cyber Resilience Act.
Think of it as a cyber emergency protocol—because speed saves systems.
If your team were hit by ransomware today... Would you be able to file a full alert in time?
🧠 Dive into the full story: https://blueheadline.com/cybersecurity/24-hours-eu-deadline-cyber-attacks/
👉 Reblog if you think more companies need to take response time seriously.
0 notes