IT Security Act & KRITIS
The IT Security Act (IT-SiG) came into force on 25 July 2015. The IT Security Act aims to significantly improve the security of information technology systems (IT security) in Germany. Particular importance is attached to critical infrastructures (CRITIS), which are central to the functioning of the community. The sectors and industries of critical infrastructures are defined by the Federal Office for Information Security (BSI) and currently include ten sectors.
In addition, from May 2023, CRITIS companies are obliged to implement and actively use systems for attack detection (SzA). And finally, CRITIS companies are to prove the use of business continuity management systems (BCMS).