A Spotlight on Security no. 39 | Dec. 7, 2023
The legislative processes surrounding NIS2 continue to keep EU member states such as Germany on tenterhooks. What is the status and what can we expect? We give you a brief overview. Also in this issue of “A Spotlight on Security”: A CJEU ruling making waves and the anatomy of a train hack. Let's go!
?? NIS2 Directive: Overview of current implementation issues
More and more questions on NIS2 implementation arise for operators of critical facilities and their supply chains. EU member states must address them quickly as there is less than a year left until the NIS2 Directive is to be transposed into national laws. In Germany, for example, after three drafts and a workshop with Bundesministerium des Innern und für Heimat and industry associations, NIS2 is currently part of the Conference of Interior Ministers.
From now on, it will be necessary to finetune what specific tasks and measures will be imposed on companies operating critical facilities, whether new obligations to provide evidence will begin in 2027, and how exactly sectors will be delimited in future. NIS2 affects around 30,000 organizations in Germany. The deadline is in October 2024. Further information can be found here.
You’re looking for more firsthand context?
Subscribe to Tresorit InfoSec Insider as the upcoming issue features renowned security expert Manuel Atug, founder and spokesman for independent German organization AG KRITIS, putting NIS2 into perspective and how implementation is likely to proceed. Subscribe here and stay in the know.
?? GDPR: Ruling by the European Court of Justice is making waves
The recent CJEU's Deutsche Wohnen Gruppe ruling could toughen GDPR enforcement, allowing fines for unintentional breaches and holding organizations accountable for actions by representatives. This might broaden liability and simplify penalties, emphasizing the need for robust data protection measures. CISOs must ensure more comprehensive compliance and risk mitigation strategies than ever to navigate the evolving regulatory landscape efficiently. Read the news here.
领英推荐
?? How to hack a train through reverse engineering
On Mastodon, one of the (potentially) most sophisticated hacks in 2023 got covered. Operators recognized their trains didn’t run after servicing. So, they asked security and reverse engineering professionals for help. PLC code is at the core of this hack. Read the full thread here.
?2023 Tresorit Events Outlook
???State of the Union (Winter 2023 update) webinar, EN, today, online
?????GDS Group, CIO Summit USA, today, online
???State of the Union (Winter 2023 update) webinar, DE, 14 December, online
About us
Tresorit?is a zero-knowledge encrypted cloud platform helping teams be more productive without compromising security. Its developers designed it to safeguard the digital valuables of organizations and individuals with highest classification.
Thanks for reading. See you again here at?“A Spotlight on Security”?the week after next.