More requirements for data security in future

In implementation of Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 concerning measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972 and repealing Directive (EU) 2016/1148 (OJ L 333, 27 December 2022, p. 80 (NIS-2 Directive), the federal legislator has submitted a draft. The group of those obligated to maintain a certain level of data security will be significantly expanded beyond the operators of critical infrastructures and this will further increase the data security requirements for companies in general.