• Areas of expertise
  • |
  • About me
  • |
  • Principles as a lawyer
  • Tel: 03322 5078053
  • |
  • info@itmedialaw.com
ITMediaLaw - Rechtsanwalt Marian Härtel
  • en English
  • de Deutsch
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
      • Ideal partner
      • About lawyer Marian Härtel
      • Video series – about me
      • Why a lawyer and business consultant?
      • Principles as a lawyer
      • Focus on start-ups
      • Nerd und Rechtsanwalt
      • Ideal partner
      • How can I help clients?
    • Über die Kanzlei
      • How clients benefit from my network of colleagues, partners and service providers
      • Quick and flexible access
      • Agile and lean law firm
      • Team: Saskia Härtel – WHO AM I?
      • Price overview
    • How can I help clients?
    • Sonstige Informationen
      • Einwilligungen widerrufen
      • Privatsphäre-Einstellungen ändern
      • Historie der Privatsphäre-Einstellungen
      • Privacy policy
    • Testimonials
    • Imprint
  • Leistungen
    • Focus areas of attorney Marian Härtel
      • Support with the foundation
      • Games law consulting
      • Advice in e-commerce
      • Support and advice of agencies
      • Legal advice in corporate law: from incorporation to structuring
      • Legal compliance and expert opinions
      • Streamers and influencers
      • Cryptocurrencies, Blockchain and Games
      • Outsourcing – for companies or law firms
    • Arbeitsschwerpunkte
      • Games and esports law
        • Esports. What is it?
      • Corporate law
      • IT/IP Law
      • Consulting for influencers and streamers
        • Influencer & Streamer
      • Contract review and preparation
      • DLT and Blockchain consulting
        • Blockchain Overview
      • Investment advice
      • AI and SaaS
  • Artikel/News
    • Langartikel / Guides
    • Law and computer games
    • Law and Esport
    • Law on the Internet
    • Blockchain and web law
    • Online retail
    • Data protection Law
    • Copyright
    • Competition law
    • Copyright
    • EU law
    • Law on the protection of minors
    • Labour law
    • Tax
    • Kanzlei News
    • Other
  • Videos/Podcasts
    • Videos
    • Podcast
      • ITMediaLaw Podcast
      • ITMediaLaw Kurz-Podcast
  • Knowledge base
  • Contact
Kurzberatung
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
      • Ideal partner
      • About lawyer Marian Härtel
      • Video series – about me
      • Why a lawyer and business consultant?
      • Principles as a lawyer
      • Focus on start-ups
      • Nerd und Rechtsanwalt
      • Ideal partner
      • How can I help clients?
    • Über die Kanzlei
      • How clients benefit from my network of colleagues, partners and service providers
      • Quick and flexible access
      • Agile and lean law firm
      • Team: Saskia Härtel – WHO AM I?
      • Price overview
    • How can I help clients?
    • Sonstige Informationen
      • Einwilligungen widerrufen
      • Privatsphäre-Einstellungen ändern
      • Historie der Privatsphäre-Einstellungen
      • Privacy policy
    • Testimonials
    • Imprint
  • Leistungen
    • Focus areas of attorney Marian Härtel
      • Support with the foundation
      • Games law consulting
      • Advice in e-commerce
      • Support and advice of agencies
      • Legal advice in corporate law: from incorporation to structuring
      • Legal compliance and expert opinions
      • Streamers and influencers
      • Cryptocurrencies, Blockchain and Games
      • Outsourcing – for companies or law firms
    • Arbeitsschwerpunkte
      • Games and esports law
        • Esports. What is it?
      • Corporate law
      • IT/IP Law
      • Consulting for influencers and streamers
        • Influencer & Streamer
      • Contract review and preparation
      • DLT and Blockchain consulting
        • Blockchain Overview
      • Investment advice
      • AI and SaaS
  • Artikel/News
    • Langartikel / Guides
    • Law and computer games
    • Law and Esport
    • Law on the Internet
    • Blockchain and web law
    • Online retail
    • Data protection Law
    • Copyright
    • Competition law
    • Copyright
    • EU law
    • Law on the protection of minors
    • Labour law
    • Tax
    • Kanzlei News
    • Other
  • Videos/Podcasts
    • Videos
    • Podcast
      • ITMediaLaw Podcast
      • ITMediaLaw Kurz-Podcast
  • Knowledge base
  • Contact
ITMediaLaw - Rechtsanwalt Marian Härtel
Home Other

Who is affected by the new IT security guideline?

13. August 2024
in Other
Reading Time: 8 mins read
0 0
A A
0
eacdf2e96129370b1608edb115f7bf58
Key Facts
  • NIS 2 Directive must be implemented by October 17, 2024, primarily affects IT start-ups in the EU
  • The directive significantly increases the level of protection for critical infrastructures and digital services.
  • Regulatory requirements must not be neglected in dynamic start-up environments; IT security is essential.
  • Companies must implement risk management measures, security incident reports and regular checks.
  • Early measures reduce compliance risks and increase customer and investor confidence.
  • Non-compliance can lead to penalties of up to 10 million euros or 2% of annual turnover.
  • Proactive planning enables integrated security measures and competitive advantages for start-ups.

While vany entrepreneurs in the IT and startup-sector are struggling with the daily challengeschallenges of business developmentare preoccupied with thean important important deadline that could easily be overlooked easily overlooked: Themplementation of the NIS 2 Directive by October 17 2024 Surprisingly many companies havecompanies have important newinnovation on the screen, even thoughthe consequencesbe far-reaching can. These EU Directive on the Network andd Information security concernsmeets more uncompany as one initially assumeswould benefit thespecial also Innovative startups in the IT sector.The Directive aims toon off, the shlevel of protection for critical infrastructures andd digital servicesste in the EU clearly to increasetion. But not Only established companiescompanies have to adapt to the new requirementsorders. Also Young, up-and-coming startups should take the NIS 2 directive seriously and take earlytake early measures toto minimize compliance-minimize compliance risksminimize compliance risks and IT security improve. DFailure to comply with the requirements can severe finesfines as a result result.

Content Hide
1. What is NIS 2?
2. Main contents of the NIS 2 Directive
3. Implementation deadline and consequences
4. Significance for IT start-ups
5. Recommendations for action

Especially in the dynamic wworld of startups, in whichgility and rapidand rapid growth are are in the foregrounde, the dealing with regulatory requirementsrequirementst take a back seat.intergroundaten. But the NIS 2 Directive makes makes it clear that IT security is not an not an option, but a a necessity. Startups that the right the rightthe right decisions can not only reduce liability risks reduce liability risks, butbut also the trust of customers and investorsand investors.

What is NIS 2?

NIS 2 stands for “Network and Information Security” and is the further development of the first NIS Directive from 2016. The aim of this directive is to significantly increase the level of protection for critical infrastructures and digital services in the EU. In contrast to the previous version, NIS 2 significantly expands the scope of application and now also includes smaller companies, which could directly affect many start-ups.

Main contents of the NIS 2 Directive

The Directive defines the Focus on the followingcore aspects: The Introduction of Risk management measures in the cybsafety, Mobligations for Security incidents that Implementation of Concepts for Evaluation of the Effectiveness of IT security measures, the training of Employees in cyber security issues and the regular transfertesting and actualization of the Safety measures.

In concrete termsthis means that companies areare obligedd to take appropriate technicaland organizationalorganizational measures to minimize risks to the security of network andd information systems manage. This includes Local implementationperformance of Risiko analyzes, the implementation of security concepts andd the establishment of processes for detection, mreporting and reactingtion to security incidents.

Another importantaspect is the training andd sensitization of Employees. Z The aim is is to acquire sufficient knowledgeknowledge and skills to recognition andd assessment of risks and management practices in the in the area of cybersecurity mediate. Reg Regular reviewsand updates of theupdates of the measures takenmeasures are alsoalso necessary in order to with the constantly evolvingevolving threat landscape.keep pace with the constantly evolving threat landscape.

Thesecomprehensiverequirementsespecially for young and growingcompanies challengeas there are often limited resourcresources for the implementation availableehen. Nevertheless It is essential that the requirements of the NIS 2 Directive seriously seriously andd promptly take appropriatemeasures to strengthenIT security-security take action. One early engagementwith the requirements the requirements andd the use of fexpert supportsupport can help to minimize compliance-risks and minimizerisks and increase resilience againstagainst cyber attackssustainablytion.

Implementation deadline and consequences

The deadline for transposing the NIS 2 Directive into national law is October 17, 2024, from which date affected companies must comply with the requirements. Non-compliance could result in severe fines of up to 10 million euros or 2% of annual global turnover. These potential penalties underline the urgency of dealing with the requirements in good time.

Significance for IT start-ups

For many start-ups in the IT sector, NIS 2 represents a new challenge, but also an opportunity: the implementation of robust cyber security measures will become mandatory, which will increase resilience to cyber attacks in the long term. Companies that implement NIS 2 at an early stage can use this as a quality feature and a sign of trust towards customers and partners, which can give them a competitive advantage. By complying with NIS 2 standards, startups signal that they take the security of their systems and data seriously and are willing to invest in cyber security. This can strengthen the trust of customers and investors and improve the company’s reputation.

Even if a startup is not directly covered by the NIS 2 directive, business partners or customers who are subject to the directive can demand appropriate security standards. In an increasingly networked business world, it is important that smaller companies in the supply chain also take appropriate security measures. Start-ups that focus on NIS 2 compliance at an early stage can position themselves as reliable and trustworthy partners and improve their chances of working with larger companies.

In addition, fast-growing startups should consider the NIS 2 requirements at an early stage in order to be prepared if the threshold values are exceeded and to avoid any nasty surprises. By planning ahead and implementing security measures step by step, startups can avoid having to retrofit later under time pressure and at high cost. Addressing NIS 2 at an early stage enables security to be integrated into the company culture and processes from the outset and to scale with the growth of the company.Overall, the NIS 2 directive offers IT startups the opportunity to raise their cyber security to a high level, build trust with customers and partners and prepare for future growth. By being proactive, startups can overcome the challenges and reap the benefits of strong cybersecurity.

Recommendations for action

In order to meet the requirements of the NIS 2 Directive in good time, IT start-ups should consider the following steps: Firstly, assessing how affected the company is based on its size and area of activity, followed by a gap analysis to identify where action is needed. Developing and implementing an information security management system (ISMS) and training employees in cyber security issues are other important aspects. Regular reviews and updates of security measures must not be neglected.

The implementation of the NIS 2 Directive may initially appear to be an additional burden, but it offers the opportunity to improve IT security in the long term and position yourself as a trustworthy partner in the digital ecosystem. IT start-ups should use the time remaining until October 2024 to prepare thoroughly and implement the necessary measures. Dealing with NIS 2 at an early stage can not only minimize compliance risks, but also create a competitive advantage in an increasingly security-conscious market.

Tags: AnalyseCompetitive advantageComplianceDevelopmentEmployeesEuGrowthInformationIT SecurityReviewrightSicherheitStartupsTraining

Beliebte Beträge

The legal protection of a business plan

5b698c02ae6e02ed43d05d01c467b658
24. September 2024

A business plan is an indispensable strategic document for start-ups and company founders. It serves as a roadmap for business...

Read moreDetails

As a teenager, make e-sports men/streamers self-employed?

As a teenager, make e-sports men/streamers self-employed?
2. January 2020

The industry of streamers and e-sports enthusiasts is very young compared to other industries and therefore also for lawyers and...

Read moreDetails

European Accessibility Act and BFSG: Accessibility will be mandatory for websites, online stores & software from 2025

european economic interest grouping eeig
25. April 2025

Accessibility in the digital world is no longer just a voluntary option, but is becoming a legal obligation. The European...

Read moreDetails

Coalition agreement 2025: changes to commercial law for companies, the self-employed and investors

Coalition agreement 2025: changes to commercial law for companies, the self-employed and investors
9. April 2025

The 2025 coalition agreement of the (presumably) new federal government under the leadership of the CDU/CSU and SPD contains extensive...

Read moreDetails

Modern contract design 2025 in the influencer and agency business

Modern contract design 2025 in the influencer and agency business
7. April 2025

Influencer marketing and agency collaborations have gained enormously in importance in recent years. With new technologies, global networking and changing...

Read moreDetails

Influencers abroad: no free pass from German laws

Influencers abroad: no free pass from German laws
14. April 2025

Many influencers dream of escaping the German winter and their local obligations - be it to Dubai, Madeira or the...

Read moreDetails

Influencer agency contracts and Section 627 BGB: Effectively exclude termination in a relationship of trust

Influencer agency contracts and Section 627 BGB: Effectively exclude termination in a relationship of trust
12. April 2025

Contracts between influencers and their agencies or between managers and artists are often based on a close relationship of trust....

Read moreDetails

Liability when using VibeCoding and no-code platforms – implications for legal due diligence

Liability when using VibeCoding and no-code platforms – implications for legal due diligence
31. March 2025

VibeCoding describes a current trend in which software is no longer programmed manually, but is developed almost exclusively using AI...

Read moreDetails

The romanticization of the “fail fast” principle in startups – When does failure become deception towards stakeholders?

The romanticization of the “fail fast” principle in startups – When does failure become deception towards stakeholders?
3. April 2025

"Fail fast, fail often" - hardly any other motto characterizes the start-up culture as much as the idea of trying...

Read moreDetails

5.0 60 reviews

  • Avatar Lennart Korte ★★★★★ vor 2 Monaten
    Ich kann Herrn Härtel als Anwalt absolut weiterempfehlen! Sein Service ist erstklassig – schnelle Antwortzeiten, effiziente … Mehr Arbeit und dabei sehr kostengünstig, was für Startups besonders wichtig ist. Er hat für mein Startup einen Vertrag erstellt, und ich bin von seiner professionellen und zuverlässigen Arbeit überzeugt. Klare Empfehlung!
  • Avatar R.H. ★★★★★ vor 3 Monaten
    Ich kann Hr. Härtel nur empfehlen! Er hat mich bei einem Betrugsversuch einer Krypto Börse rechtlich vertreten. Ich bin sehr … Mehr zufrieden mit seiner engagierten Arbeit gewesen. Ich wurde von Anfang an kompetent, fair und absolut transparent beraten. Trotz eines zähen Verfahrens und einer großen Börse als Gegner, habe ich mich immer sicher und zuversichtlich gefühlt. Auch die Schnelligkeit und die sehr gute Erreichbarkeit möchte ich an der Stelle hoch loben und nochmal meinen herzlichsten Dank aussprechen! Daumen hoch mit 10 Sternen!
  • Avatar P! Galerie ★★★★★ vor 4 Monaten
    Herr Härtel hat uns äusserst kompetent in einen lästigen Fall mit META betreut. Er war effizient, beharrlich, aber auch mit … Mehr uns geduldig. Menschlich top, bis wir am Ende Dank ihm erfolgreich zum Ziel gekommen sind. Können wir wärmstens empfehlen. Und nochmals danke. P.H.
  • Avatar Philip Lucas ★★★★★ vor 8 Monaten
    Wir haben Herrn Härtel für unser Unternehmen konsultiert und sind äußerst zufrieden mit seiner Arbeit. Von Anfang an hat … Mehr er einen überaus kompetenten Eindruck gemacht und sich als ein sehr angenehmer Gesprächspartner erwiesen. Seine fachliche Expertise und seine verständliche und zugängliche Art im Umgang mit komplexen Themen haben uns überzeugt. Wir freuen uns auf eine langfristige und erfolgreiche Zusammenarbeit!
  • Avatar Mosaic Mask Studio ★★★★★ vor 5 Monaten
    Die Kanzlei ist immer ein verlässlicher Partner bei der Sichtung und Bearbeitung von Verträgen in der IT Branche. Es ist … Mehr stets ein professioneller Austausch auf Augenhöhe.
    Die Ergebnisse sind auf hohem Niveau und haben die interessen unsers Unternehmens immer bestmöglich wiedergespiegelt.
    Vielen Dank für die sehr gute Zusammenarbeit.
  • Avatar Mikael Hällgren ★★★★★ vor einem Monat
    I got fantastic support from Marian Härtel. He managed to get my wrongfully suspended Instagram account restored. He was … Mehr incredibly helpful the whole way until the positive outcome. Highly recommended!
  • Avatar Doris H. ★★★★★ vor 10 Monaten
    Herr Härtel hat uns bezüglich eines Telefonvertrags beraten und vertreten. Wir waren mit seinem Service sehr zufrieden. Er … Mehr hat stets schnell auf unsere E-mails und Anrufe reagiert und den Sachverhalt einfach und verständlich erklärt. Wir würden Herrn Härtel jederzeit wieder beauftragen.Vielen Dank für die hervorragende Unterstützung
  • Avatar Philipp Skaar ★★★★★ vor 8 Monaten
    Als kleines inhabergeführtes Hotel sehen wir uns ab und dann (bei sonst weit über dem Durchschnitt liegenden Bewertungen) … Mehr der Herausforderung von aus der Anonymität heraus agierenden "Netz-Querulanten" gegenüber gestellt. Herr Härtel versteht es außerordentlich spür- und feinsinnig, derartige - oftmals auf Rufschädigung ausgerichtete - Bewertungen bereits im Keim, also außergerichtlich, zu ersticken und somit unseren Betrieb vor weiteren Folgeschäden zu bewahren. Seine Umsetzungsgeschwindigkeit ist beeindruckend, seine bisherige Erfolgsquote = 100%.Ergo: Unsere erste Adresse zur Abwehr von geschäftsschädigenden Angriffen aus dem Web.
  • ●
  • ●
  • ●
  • ●

Video-Galerie

Management contracts for OnlyFans are important
Management contracts for OnlyFans are important
Professional contracts as the basis for successful partnerships
Professional contracts as the basis for successful partnerships
License agreements for software start-ups: Optimal protection of your intellectual property
License agreements for software start-ups: Optimal protection of your intellectual property
Trade custom

Trade custom

1. July 2023

Introduction In business, there are certain behaviors and practices that are recognized and accepted over time. These practices are referred...

Read moreDetails
Liability privilege

Liability privilege

16. October 2024
Step action

Revision

25. June 2023
d47fbf7c36485486a1b3da01755b6ab9

Asset Investment Act (VermAnlG)

9. November 2024
dsgvo 1

GDPR

25. June 2023

Podcast Folgen

Legal challenges when implementing confidential computing: data protection and encryption in the cloud

Smart Contracts und Blockchain

22. December 2024

In dieser fesselnden Podcast-Episode tauch ich tief in die Welt der Blockchain-Technologie und Smart Contracts ein. Die 25-minütige Folge beleuchtet,...

7c0b449a651fe0b81e5eec2e23515012 2

Urheberrecht im Digitalen Zeitalter

22. December 2024

In dieser aufschlussreichen knapp 20-minütigen Podcast-Episode von und mit mir wird das komplexe Thema des Urheberrechts im digitalen Zeitalter beleuchtet....

8315f1ef298eb54dfeed2f5e55c8b9da 1

Erste Testfolge des ITMediaLaw Podcast

26. August 2024

Erste TestfolgeLiebe Leserinnen und Leser,ich freue mich, heute den ersten Testlauf unseres brandneuen IT Media Law Podcasts zu präsentieren! In diesem Podcast...

KI im Recht: Chancen, Risiken und Regulierung – der IT Media Law Podcast Episode 3

KI im Recht: Chancen, Risiken und Regulierung – der IT Media Law Podcast Episode 3

28. August 2024

Willkommen zur dritten Episode unseres Podcasts "IT Media Law"! In dieser Folge tauchen wir ein in die faszinierende Welt der...

  • Home
  • Imprint
  • Privacy policy
  • Terms
  • Agile and lean law firm
  • Ideal partner
  • Contact
  • Videos
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Contact
  • Leistungen
    • Support with the foundation
    • Focus areas of attorney Marian Härtel
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Games law consulting
    • Support and advice of agencies
    • Legal advice in corporate law: from incorporation to structuring
    • Cryptocurrencies, Blockchain and Games
    • Investment advice
    • Booking as speaker
    • Legal compliance and expert opinions
    • Legal advice in corporate law: from incorporation to structuring
    • Contract review and preparation
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
    • Agile and lean law firm
    • Focus on start-ups
    • Principles as a lawyer
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Why a lawyer and business consultant?
    • Focus on start-ups
    • How can I help clients?
    • Team: Saskia Härtel – WHO AM I?
    • Testimonials
    • Imprint
  • Videos
    • Video series – about me
    • Information videos – about Marian Härtel
    • Videos on services
    • Blogpost – individual videos
    • Shorts
    • Third-party videos
    • Podcast format
    • Other videos
  • Knowledge base
  • Podcast
  • Blogposts
    • Lange Artikel / Ausführungen
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Labour law
    • EU law
    • Corporate
    • Competition law
    • Copyright
    • Tax
    • Internally
    • Other
  • en English
  • de Deutsch
Kostenlose Kurzberatung