Benutzerbeiträge von „Jhospes“

3. Juni 2025

• 12:5012:50, 3. Jun. 2025 Unterschied Versionen +372 Translations:Network and Information Security Directive (NIS2-RL)/186/en Keine Bearbeitungszusammenfassung aktuell
• 12:5012:50, 3. Jun. 2025 Unterschied Versionen +234 N Translations:Network and Information Security Directive (NIS2-RL)/186/en Die Seite wurde neu angelegt: „§ 46 NISG stipulates that non-compliance by public entities must be reported by the Federal Minister of the Interior to the competent district administrative authority, which must then issue a decision confirming the legal violation.“
• 12:5012:50, 3. Jun. 2025 Unterschied Versionen +23 N Translations:Network and Information Security Directive (NIS2-RL)/185/en Die Seite wurde neu angelegt: „=== Public Entities ===“ aktuell
• 12:5012:50, 3. Jun. 2025 Unterschied Versionen +79 N Translations:Network and Information Security Directive (NIS2-RL)/184/en Die Seite wurde neu angelegt: „* **Fine of up to €50,000**, and in case of repetition, **up to €100,000**.“ aktuell
• 12:5012:50, 3. Jun. 2025 Unterschied Versionen +144 N Translations:Network and Information Security Directive (NIS2-RL)/183/en Die Seite wurde neu angelegt: „§ 45(4) NISG outlines further offences (e.g. breaches of obligations to tolerate audits or document measures), which are sanctioned as follows:“ aktuell
• 12:5012:50, 3. Jun. 2025 Unterschied Versionen +184 N Translations:Network and Information Security Directive (NIS2-RL)/182/en Die Seite wurde neu angelegt: „* **Important entity**: Fine of up to **€7,000,000** or **1.4%** of the total worldwide annual turnover of the undertaking to which the important entity belongs, whichever is higher.“ aktuell
• 12:5012:50, 3. Jun. 2025 Unterschied Versionen +183 N Translations:Network and Information Security Directive (NIS2-RL)/181/en Die Seite wurde neu angelegt: „* **Essential entity**: Fine of up to **€10,000,000** or **2%** of the total worldwide annual turnover of the undertaking to which the essential entity belongs, whichever is higher.“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +83 N Translations:Network and Information Security Directive (NIS2-RL)/180/en Die Seite wurde neu angelegt: „§ 45(1–3) NISG lists administrative offences subject to the following sanctions:“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +24 N Translations:Network and Information Security Directive (NIS2-RL)/179/en Die Seite wurde neu angelegt: „=== Private Entities ===“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +250 N Translations:Network and Information Security Directive (NIS2-RL)/178/en Die Seite wurde neu angelegt: „* Issue a **prohibition order** against a member of the governing body of the essential entity, preventing them from carrying out managerial duties in that entity. The decision must be published in a general manner intended to reach a broad audience.“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +2 N Translations:Network and Information Security Directive (NIS2-RL)/177/en Die Seite wurde neu angelegt: „or“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +255 N Translations:Network and Information Security Directive (NIS2-RL)/176/en Die Seite wurde neu angelegt: „* Request that competent authorities **temporarily suspend the certification or authorisation** for all or part of the relevant services or activities provided by the entity, including cybersecurity certification under Art. 58 of Regulation (EU) 2019/881;“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +122 N Translations:Network and Information Security Directive (NIS2-RL)/175/en Die Seite wurde neu angelegt: „If an essential entity does not comply with the decision in a timely and verifiable manner, the authority is empowered to:“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +167 N Translations:Network and Information Security Directive (NIS2-RL)/174/en Die Seite wurde neu angelegt: „If the entity fails to comply, the authority may issue an administrative decision mandating the implementation of the necessary cybersecurity risk management measures.“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +174 N Translations:Network and Information Security Directive (NIS2-RL)/173/en Die Seite wurde neu angelegt: „Initially, the entity must be notified and instructed to implement specific measures or adaptations in its risk management or compliance with reporting and other obligations.“ aktuell
• 12:4912:49, 3. Jun. 2025 Unterschied Versionen +210 N Translations:Network and Information Security Directive (NIS2-RL)/172/en Die Seite wurde neu angelegt: „If the cybersecurity authority determines during supervision that an essential or important entity is not fulfilling its obligations under this federal law, it must proceed in accordance with § 39(1–4) NISG.“ aktuell
• 12:4812:48, 3. Jun. 2025 Unterschied Versionen +38 N Translations:Network and Information Security Directive (NIS2-RL)/171/en Die Seite wurde neu angelegt: „=== National Implementation (NISG) ===“ aktuell
• 12:4812:48, 3. Jun. 2025 Unterschied Versionen +524 N Translations:Network and Information Security Directive (NIS2-RL)/170/en Die Seite wurde neu angelegt: „ In addition to financial penalties, the competent authority may impose further measures: * Issuance of binding instructions to ensure compliance with the Directive. * Temporary suspension of business activities in case of non-compliance with orders. * Temporary prohibition for individuals in management positions to exercise managerial functions. * **Liability of management**: Members of the governing body (e.g. executives, directors) may be held personal…“ aktuell
• 12:4812:48, 3. Jun. 2025 Unterschied Versionen +366 N Translations:Network and Information Security Directive (NIS2-RL)/169/en Die Seite wurde neu angelegt: „* **Sanctions for essential entities**: In case of non-compliance, essential entities may face fines of up to **€10 million** or **2% of the total worldwide annual turnover**, whichever is higher. * **Sanctions for important entities**: Important entities may be fined up to **€7 million** or **1.4% of the total worldwide annual turnover**, whichever is higher.“ aktuell
• 12:4812:48, 3. Jun. 2025 Unterschied Versionen +73 N Translations:Network and Information Security Directive (NIS2-RL)/168/en Die Seite wurde neu angelegt: „The amount of fines varies depending on the classification of the entity:“ aktuell
• 12:4812:48, 3. Jun. 2025 Unterschied Versionen +22 N Translations:Network and Information Security Directive (NIS2-RL)/167/en Die Seite wurde neu angelegt: „=== NIS2 Directive ===“ aktuell
• 12:4812:48, 3. Jun. 2025 Unterschied Versionen +9 N Translations:Network and Information Security Directive (NIS2-RL)/166/en Die Seite wurde neu angelegt: „Sanctions“ aktuell
• 11:5611:56, 3. Jun. 2025 Unterschied Versionen −3.698 Network and Information Security Directive (NIS2-RL)/en Die Seite wurde neu angelegt: „===== Size-dependent Scope =====“
• 11:5311:53, 3. Jun. 2025 Unterschied Versionen +472 N Translations:Network and Information Security Directive (NIS2-RL)/165/en Die Seite wurde neu angelegt: „GDPR and NIS2 share common ground in requiring organisations to assess risks and implement appropriate safeguards, especially when personal data is at risk due to cybersecurity incidents. Organisations covered by both frameworks must ensure their risk management strategies comply with both. While GDPR centers on personal data protection, NIS2 prioritizes IT system resilience and broader cybersecurity. Risk overlaps should be assessed for relevance across…“ aktuell
• 11:5311:53, 3. Jun. 2025 Unterschied Versionen +387 N Translations:Network and Information Security Directive (NIS2-RL)/164/en Die Seite wurde neu angelegt: „* **Risk assessment**: Both require identifying threats and vulnerabilities and implementing proportionate protection measures. * **Security measures**: Both mandate technical and organisational controls to protect data and systems. * **Documentation**: Both require thorough documentation of risk assessments and protective measures to demonstrate compliance during audits or incidents.“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +16 N Translations:Network and Information Security Directive (NIS2-RL)/163/en Die Seite wurde neu angelegt: „=== Overlaps ===“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +315 N Translations:Network and Information Security Directive (NIS2-RL)/162/en Die Seite wurde neu angelegt: „* **GDPR**: Focuses on protecting personal data—measures must prevent unauthorized access, ensure data security, and enable data recovery. * **NIS2**: Focuses on protecting IT systems with emphasis on service availability and resilience—requires regular audits, vulnerability management, and emergency planning.“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +70 N Translations:Network and Information Security Directive (NIS2-RL)/161/en Die Seite wurde neu angelegt: „Both frameworks demand adequate security measures but differ in scope:“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +45 N Translations:Network and Information Security Directive (NIS2-RL)/160/en Die Seite wurde neu angelegt: „=== Technical and organisational measures ===“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +250 N Translations:Network and Information Security Directive (NIS2-RL)/159/en Die Seite wurde neu angelegt: „* **GDPR**: Applies to any organization processing personal data, which includes nearly all businesses and institutions. * **NIS2**: Applies only to operators of essential and important entities in critical sectors (e.g. energy, banking, healthcare).“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +25 N Translations:Network and Information Security Directive (NIS2-RL)/158/en Die Seite wurde neu angelegt: „=== Affected entities ===“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +374 N Translations:Network and Information Security Directive (NIS2-RL)/157/en Die Seite wurde neu angelegt: „* **GDPR**: Requires a Data Protection Impact Assessment (DPIA) if high risks to individuals are anticipated (Art. 35 GDPR), including detailed risk evaluation and mitigation. * **NIS2**: Requires regular assessments of network and information system risks, identifying cybersecurity risks and mitigation strategies—these are broader and cover all critical infrastructure.“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +41 N Translations:Network and Information Security Directive (NIS2-RL)/156/en Die Seite wurde neu angelegt: „=== Risk assessment and documentation ===“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +337 N Translations:Network and Information Security Directive (NIS2-RL)/155/en Die Seite wurde neu angelegt: „* **GDPR**: Emphasizes protection of personal data (Art. 32 GDPR), including encryption and restoring data availability after incidents. * **NIS2**: Emphasizes cybersecurity and operational resilience, requiring threat monitoring, redundancy, and service continuity—not limited to personal data but covering the full IT infrastructure.“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +34 N Translations:Network and Information Security Directive (NIS2-RL)/154/en Die Seite wurde neu angelegt: „=== Specific security measures ===“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +490 N Translations:Network and Information Security Directive (NIS2-RL)/153/en Die Seite wurde neu angelegt: „* **GDPR**: Requires appropriate technical and organisational measures proportional to the risks to individuals’ rights and freedoms (Art. 24, 32 GDPR), such as encryption, pseudonymisation, access control, and backups. * **NIS2**: Requires risk management for network and information systems based on potential cyber risks, focusing on availability, integrity, and confidentiality (Art. 21 NIS2). Measures include network security controls, threat detectio…“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +88 N Translations:Network and Information Security Directive (NIS2-RL)/152/en Die Seite wurde neu angelegt: „Both frameworks require risk-based strategies to design and implement security measures.“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +27 N Translations:Network and Information Security Directive (NIS2-RL)/151/en Die Seite wurde neu angelegt: „=== Risk-based approach ===“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +399 N Translations:Network and Information Security Directive (NIS2-RL)/150/en Die Seite wurde neu angelegt: „* **GDPR**: Protects personal data and individual rights. Risk management under GDPR aims to mitigate risks to the rights and freedoms of individuals due to data processing. * **NIS2**: Focuses on cybersecurity and protection of network and information systems in critical sectors (e.g. energy, healthcare, transport). The goal is to improve the resilience of IT systems and critical infrastructure.“ aktuell
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen −9.039 Network and Information Security Directive (NIS2-RL)/en Die Seite wurde neu angelegt: „An "entity" under § 3(10) NISG is a natural person or a legal person or registered partnership recognized under the applicable national law, capable of exercising rights and bearing obligations in its own name.“
• 11:5211:52, 3. Jun. 2025 Unterschied Versionen +194 Translations:Network and Information Security Directive (NIS2-RL)/147/en Keine Bearbeitungszusammenfassung aktuell
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen −194 Translations:Network and Information Security Directive (NIS2-RL)/148/en Der Seiteninhalt wurde durch einen anderen Text ersetzt: „== Risk Management ==“ aktuell Markierung: Ersetzt
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen +215 N Translations:Network and Information Security Directive (NIS2-RL)/149/en Die Seite wurde neu angelegt: „The risk management requirements under the GDPR and NIS2 Directive intersect where both data and IT system protection are concerned. While both require security and risk mitigation measures, they differ in emphasis:“ aktuell
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen +215 N Translations:Network and Information Security Directive (NIS2-RL)/148/en Die Seite wurde neu angelegt: „The risk management requirements under the GDPR and NIS2 Directive intersect where both data and IT system protection are concerned. While both require security and risk mitigation measures, they differ in emphasis:“
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen +21 N Translations:Network and Information Security Directive (NIS2-RL)/147/en Die Seite wurde neu angelegt: „== Risk Management ==“
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen +427 N Translations:Network and Information Security Directive (NIS2-RL)/146/en Die Seite wurde neu angelegt: „* Both regulations require reporting of incidents affecting confidentiality, integrity, or availability. * If both IT systems and personal data are involved, dual reporting may be required—to the data protection authority (GDPR) and the cybersecurity authority (NIS2). * Operators of essential services handling personal data may be subject to both regimes and must report both the data breach and the cybersecurity incident.“ aktuell
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen +16 N Translations:Network and Information Security Directive (NIS2-RL)/145/en Die Seite wurde neu angelegt: „=== Overlaps ===“ aktuell
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen +289 N Translations:Network and Information Security Directive (NIS2-RL)/144/en Die Seite wurde neu angelegt: „* **GDPR**: Required if the breach poses a risk to the rights and freedoms of natural persons. * **NIS2**: Obligations apply for significant incidents with potential impact on the delivery of essential services, based on criteria such as user impact, incident duration, or economic damage.“ aktuell
• 11:5111:51, 3. Jun. 2025 Unterschied Versionen +32 N Translations:Network and Information Security Directive (NIS2-RL)/143/en Die Seite wurde neu angelegt: „=== Conditions for reporting ===“ aktuell
• 11:5011:50, 3. Jun. 2025 Unterschied Versionen +292 N Translations:Network and Information Security Directive (NIS2-RL)/142/en Die Seite wurde neu angelegt: „* **GDPR**: Only applies when personal data is compromised (e.g. unauthorized access, loss or theft). * **NIS2**: Also applies to incidents affecting the availability, integrity, or confidentiality of systems, regardless of whether personal data is involved—focus is on general IT security.“ aktuell