Germany's New Infrastructure Cybersecurity Law

Uploaded on 2015-07-29 in INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Production-Utilities

2000px-Bundesamt_f%C3%BCr_Sicherheit_in_der_Informationstechnik_Logo.svg.png

 Federal Office of Information Security (BSI)

German institutions and businesses that fall in the "critical infrastructure" category will have to implement new information security measures, as defined by the new IT security law passed on Friday by the German Bundesrat (the country's "Federal Council").

According to RT, over 2,000 water and energy utilities, telecoms, health providers, transportation companies, and finance and insurance firms - in short, providers of services essential to the uninterrupted day-to-day life of German citizens - will either have to comply with the new law or pay fines of up to €100,000.

The new law will require both these firms and federal agencies to, among other things, enforce a defined minimum of cyber-security standards and report to the Federal Office of Information Security (BSI) about cyber attacks mounted against their systems.

The legislation will also expand the federal criminal police's powers. The Office of Criminal Investigation (BKA) will be tasked with investigating various cyber crimes, from data interception and manipulation to data spying.

A provision of the law heavily debated by privacy advocates is that which requires telecoms to store their customers' traffic data for as far back as six months, so that the police could use it in their investigations. Another obligation telecoms will have is to notify its customers when their connection was abused.

It seems that no one, apart from the legislators, is satisfied with this new law: privacy advocates are worried about the government spying on the citizens' communications; companies are worried about the costs of implementation of these security measures, as well as the possibility of successful cyber intrusions becoming public and damaging their reputation with customers and shareholders; and the opposition is wondering how can the government mandate IT security measures when their own have repeatedly been found wanting.

Net-Security

 

« The BYOD Debate is Not Over
Can You have Both Security & Privacy in the Internet Age? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Securezoo

Securezoo

Securezoo's mission is to simplify and enhance information security by providing trusted security guidance, products, and information to small and mid-sized businesses and security professionals.

Maryville Online - Cybersecurity Program

Maryville Online - Cybersecurity Program

The Cybersecurity Program at Maryville Online is designed to help students reach opportunities in cybersecurity leadership and management through an entirely online curriculum.

ManTech International

ManTech International

ManTech provides comprehensive, integrated cyber security support, which includes computer and network design, implementation, and operations.

Bavarian IT Security Cluster

Bavarian IT Security Cluster

The Bavarian IT Security Cluster works to build regional IT security competencies and increase the competitiveness and market opportunities of its member companies.

HKCERT

HKCERT

HKCERT is the centre for coordination of computer security incident response for local enterprises and Internet Users in Hong Kong.

Corvid

Corvid

Corvid is an experienced team of cyber security experts who are passionate about delivering innovative, robust and extensive defence systems to help protect businesses against cyber threats.

Quintillion Consulting

Quintillion Consulting

Quintillion Consulting is a strategic risk based consulting firm. We help companies safeguard the core business and IT capabilities that deliver competitive advantage.

Venkon

Venkon

Venkon provides effective and unique solutions to cyber-security threats and IT compliance requirements of your organization.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

Cyber Resilience Centre for Wales (WCRC)

Cyber Resilience Centre for Wales (WCRC)

The Cyber Resilience Centre for Wales (WCRC) is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Acora

Acora

Acora provide a range of best-in-class managed services, Microsoft-centric business software, and cloud solutions designed to help mid-market organisations succeed in the digital economy.

iVision

iVision

iVision is a technology integration and management firm that engineers success for clients through objective recommendations, process and technology expertise and best-of-breed guidance.

Zama

Zama

Zama - pioneering homomorphic encryption. We believe people shouldn't care about privacy. Not because it doesn't matter, but because it shouldn't be an issue!

Mobilen Communications

Mobilen Communications

Mobilen are dedicated to providing our customers with the highest level of secure data in transit and to bring privacy back to a mobile world.

Hacker School

Hacker School

Hacker School offers technology motivated training programs that provide Cyber Security Certifications and Courses.

Hughes Network Systems

Hughes Network Systems

Hughes are industry leaders in networking technologies and services, innovating constantly to deliver the global solutions that power a connected future for people, enterprises and things everywhere.