• 11/20/2025
  • Technical contribution
  • Artificial intelligence (AI)
  • Cybersecurity
  • Management, Awareness and Compliance

it-sa Expo&Congress 2025: Security, control, and trust in the age of new regulations

Learn how companies are using NIS2, DORA, and GDPR as an opportunity for security, resilience, and digital sovereignty. Practical insights from it-sa Expo&Congress 2025.

Written by Markus Zeischke

Graphic representation of a digital icon with the text “Digital Sovereignty” in the center, surrounded by five symbols from the fields of technology, the Internet, innovation, and data processing

Digital sovereignty is becoming a decisive competitive factor. With NIS2, DORA, and the GDPR, the requirements for data protection, resilience, and governance are changing fundamentally. The it-sa Expo&Congress 2025 has shown that companies that see compliance as a strategic opportunity are winning – through more efficient structures, less dependency, and greater confidence in their digital future.

The key questions:

  • How well does your company maintain control over data and infrastructure?
  • Which regulatory requirements are critical for your organization?
  • And how can compliance and operational efficiency be combined?

 

What impact do regulations such as NIS2 and DORA have on companies?

Compliance is evolving from a control instrument to a strategic lever. NIS2 and DORA set new standards and offer organizations the opportunity to modernize security processes, strengthen governance, and clearly define responsibilities.

This is how regulation becomes real added value:

  • Early adaptation reduces risks, prevents business interruptions, and strengthens the trust of customers and partners.
  • Clear governance frameworks create transparency, accelerate decision-making, and ensure long-term efficiency.
  • Internal training courses promote awareness, acceptance, and a sustainable safety culture.

 

Find exciting insights and practical examples in these articles from the it it-sa Expo&Congress 2025: 

What challenges are there in implementing compliance requirements?

Complex IT landscapes make compliance a real challenge. However, with clear planning, the right tools, and transparent governance, this complexity can be managed. Implementing regulations such as NIS2, DORA, and GDPR requires much more than checklists: it requires the coordinated interaction of technology, processes, and people.

These are the key points:

  • Automation reduces manual errors, speeds up audits, and creates greater efficiency in ongoing operations.
  • Clean interface management and complete data inventories form the basis for traceability and compliance security.
  • Clear documentation enhances verifiability and minimizes liability risks, both internally and externally.

 

Discover exciting insights and practical examples in these articles from it-sa Expo&Congress 2025: 

How important is control over your digital infrastructures?

Digital sovereignty protects against dependencies and strengthens the resilience of the entire company. Whether it's the cloud, endpoints, or backups: those who retain control over data and systems remain capable of acting even in emergencies and secure their own long-term competitiveness.

Key success factors include:

  • Endpoint and cloud sovereignty are the basis for security, control, and trustworthy IT ecosystems.
  • Reliable backups and disaster recovery concepts ensure business continuity and minimize downtime.
  • Integrated platforms with governance tools reduce complexity, simplify administration, and promote compliance.

 

Deepen your knowledge with these articles from it-sa Expo&Congress 2025

What role does data protection (GDPR) play in your daily work?

Data protection has long ceased to be a separate issue; it is now an integral part of everyday operations. Only those who seamlessly integrate data protection into their processes can work in compliance with the GDPR, efficiently, and at the same time strengthen the trust of customers and partners.

You should keep the following points in mind:

  • Automated data protection tools simplify compliance with the GDPR and reduce administrative effort.
  • Targeted employee training promotes awareness, prevents violations, and creates a sustainable data protection culture.
  • Practical compliance ensures that data protection is not only documented, but also implemented in daily operations.

 

Find out more in these articles from it it-sa Expo&Congress 2025: 

Have you obtained sufficient information about new regulatory requirements?

Knowledge is the key to compliance, resilience, and digital sovereignty. Only those who are aware of regulatory developments at an early stage can respond in a targeted manner and use new requirements as an opportunity for optimization and differentiation.

You should consider the following points:

  • Strong partner and expert networks provide up-to-date insights and practical guidance.
  • Regular training and updates strengthen confidence in taking action and promote a culture of compliance in practice.
  • Continuous improvement makes compliance a dynamic success factor rather than a static obligation.

 

Be inspired by these contributions from it-sa Expo&Congress 2025: 

Compliance and sovereignty go hand in hand

The it-sa Expo&Congress 2025 has shown that successful companies do not view compliance as an obligation, but rather as the foundation of digital sovereignty and thus as a strategic success factor.

  • Compliance and digital sovereignty go hand in hand: Only those who integrate processes, technology, and awareness can meet regulatory requirements efficiently and sustainably.
  • Proactive management protects against risks and dependencies: Governance tools, backups, and clearly defined responsibilities are crucial for ensuring stability and trust.
  • Continuous learning and monitoring strengthen long-term resilience: Regular updates, training, and audits make compliance a living part of corporate development.

Digital sovereignty and compliance are not one-off projects, but ongoing tasks. Companies that continuously develop their processes, technologies, and teams remain capable of acting, legally compliant, and independent—even in an increasingly complex, regulated digital environment.

 

Related links

Deepen your knowledge and stick with it – your resources at it-sa 365

The threat landscape is dynamic. Continuous training is the best protection. As a member of the it-sa 365 community, you get exclusive access to knowledge, contacts, and solutions related to IT security:

  • Networking with peers and leading experts
  • Exclusive content and advance information
  • personalized news feeds with relevant topics
  • Direct line to solution providers

Exchange ideas with like-minded people, stay informed about current cyberattacks, defense strategies, and new technologies such as AI, and benefit from a community that supports you throughout the year.

Register for the community now for free and reap the benefits

Author

Markus Zeischke

Markus Zeischke

IT-Autor & Senior Content Manager

The Digitale