The IT Security Act 2.0 came into force at the end of May 2021. The amendment strengthened the role of the BSI in national cyber defense, while at the same time further tightening the obligations imposed on operators of critical infrastructures and the possible penalties for violations. At the same time, the group of companies and organizations classified as CRITIS was expanded. On the one hand, by adding the new sector of waste disposal and lowering the threshold values, and on the other hand, by the fact that so-called companies in the special public interest (UBI) and their suppliers now also fall under the restrictions of the IT Security Act 2.0.
For the first time, technical measures are also mentioned, such as the introduction of "attack detection sys ...