This page is fully or partially automatically translated.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment

Forums it-sa Expo 2023 International Forum B

Cyber Regulation in Europe - what are companies supposed to do now

The digital world is growing and evolving. Companies are facing ever stricter cybersecurity regulations.

Buy trade fair ticket

You can register for this action soon.

You can register for the digital action soon.

Please come back at the scheduled date and time.

The action is currently live. Please scroll down to watch.

This action is only available onsite: Forums it-sa Expo 2023

Add action to bookmarks and download as iCal

Join now

Note: If you continue, the contact data you provided during registration may be transmitted to the respective provider in accordance with our General Terms and Conditions.

Please log in or register in advance so that you can take part in actions or watch the action videos!

This action has already taken place. This action will soon be available as a video.

This action has already taken place. Please scroll down to watch the video.

This action has already taken place. Please login or register to watch the video.

This action has already taken place. It's not available any more.

You are in!

Your ticket / access to the action was sent to you by email.

There is a problem with the action at the moment. Please come back later or contact support.

calendar_today Wed, 11.10.2023, 14:30 - 14:45

event_available Hybrid

place Hall 6, Booth 6-131

Action Video

south_east

Action description

south_east

Speaker

south_east

Themes

Legislation, standards, regulations Industry 4.0 / IoT / Edge Computing

Key Facts

NIS-2 Directive
EU Cyber Resilience Act
EU Directive on the Resilience of Critical Facilities

Organizer

secunet Security Networks AG

Event

This action is part of the event Forums it-sa Expo 2023

Action Video

Action description

Cyber regulation in Europe has increased significantly in recent years as the digital world continues to grow and evolve. Companies are facing increasingly stringent regulations and requirements to strengthen their cybersecurity practices and ensure the protection of sensitive data. In light of this evolution, companies must be proactive to meet regulatory requirements and avoid potential penalties. Cyber Resilience Act, NIS-2 and CER Directive, European policy intensifies regulatory pressure for industry companies. The cybersecurity regulatory landscape for industrial companies in Europe is diverse. Who are affected by the regulations? What obligations arise from them? And what do companies have to do now? Frank Sauber, Global Head of Sales & Business Enablement Division Industry at secunet, provides an overview.

Directive on Security of Network and Information Systems (NIS-2 Directive)
The NIS-2 Directive is an important part of the EU digital strategy "Shaping Europe's Digital Future" and the further development of the NIS Directive already adopted in 2016. The aim is to ensure a high level of cybersecurity at European level and thus strengthen the single market. The directive entered into force on 16 January 2023. The EU member states have until 17 October 2024 to transpose the provisions into national legislation.
Affected economic sectors are divided into two categories: essential/essential - sectors with high criticality - and important/important - other critical sectors. The former include, for example, energy, transport and traffic, financial markets, the health sector, digital infrastructures and public administration. Other critical sectors include postal and courier services, manufacturing, chemicals, and the production of medical devices, electronic equipment, machinery and transport. Which companies within the defined sectors are exactly affected is defined by the respective national legislation.
EU Cyber Resilience Act - Cybersecurity for Connected Products
The EU Cyber Resilience Act (CRA) is a draft law with the aim of protecting end consumers and companies from products with inadequate IT security features. To this end, the law aims to define requirements for products with digital elements in terms of development, design and production, thus ensuring cyber security throughout the life cycle - including the availability of software updates. The security level of networked end products is to be increased in order to prevent cybercrime. The law is expected to come into force before the end of 2023. After that, those affected will have twelve to 24 months to implement the new requirements.
Directive on the resilience of critical entities
The EU Directive on the Resilience of Critical Entities (CER Directive) aims to strengthen the physical resilience of critical entities. The CER Directive replaces the old Directive 2008/114/EC and extends its scope. These new rules oblige EU Member States to identify critical facilities and strengthen their resilience. The CER Directive entered into force on 16 January 2023. EU Member States have until 17 October 2024 to transpose the provisions into national legislation. Affected economic sectors are divided into the categories essential and important. A total of eleven sectors are included in the scope, some of which overlap with the NIS-2 Directive: Energy, Transport, Banking, Financial Market Infrastructures, Health, Drinking Water, Waste Water, Digital Infrastructure, Public Administration, Space, and the Production, Processing and Distribution of Food.

The International Forum is also available as a livestream. Follow this link to access the broadcast.