• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Who is affected by the new IT security guideline?

13. August 2024
in Other
Reading Time: 8 mins read
0 0
A A
0
eacdf2e96129370b1608edb115f7bf58
Key Facts
  • NIS 2 Directive must be implemented by October 17, 2024, primarily affects IT start-ups in the EU
  • The directive significantly increases the level of protection for critical infrastructures and digital services.
  • Regulatory requirements must not be neglected in dynamic start-up environments; IT security is essential.
  • Companies must implement risk management measures, security incident reports and regular checks.
  • Early measures reduce compliance risks and increase customer and investor confidence.
  • Non-compliance can lead to penalties of up to 10 million euros or 2% of annual turnover.
  • Proactive planning enables integrated security measures and competitive advantages for start-ups.

While vany entrepreneurs in the IT and startup-sector are struggling with the daily challengeschallenges of business developmentare preoccupied with thean important important deadline that could easily be overlooked easily overlooked: Themplementation of the NIS 2 Directive by October 17 2024 Surprisingly many companies havecompanies have important newinnovation on the screen, even thoughthe consequencesbe far-reaching can. These EU Directive on the Network andd Information security concernsmeets more uncompany as one initially assumeswould benefit thespecial also Innovative startups in the IT sector.The Directive aims toon off, the shlevel of protection for critical infrastructures andd digital servicesste in the EU clearly to increasetion. But not Only established companiescompanies have to adapt to the new requirementsorders. Also Young, up-and-coming startups should take the NIS 2 directive seriously and take earlytake early measures toto minimize compliance-minimize compliance risksminimize compliance risks and IT security improve. DFailure to comply with the requirements can severe finesfines as a result result.

Content Hide
1. What is NIS 2?
2. Main contents of the NIS 2 Directive
3. Implementation deadline and consequences
4. Significance for IT start-ups
5. Recommendations for action
5.1. Author: Marian Härtel

Especially in the dynamic wworld of startups, in whichgility and rapidand rapid growth are are in the foregrounde, the dealing with regulatory requirementsrequirementst take a back seat.intergroundaten. But the NIS 2 Directive makes makes it clear that IT security is not an not an option, but a a necessity. Startups that the right the rightthe right decisions can not only reduce liability risks reduce liability risks, butbut also the trust of customers and investorsand investors.

What is NIS 2?

NIS 2 stands for “Network and Information Security” and is the further development of the first NIS Directive from 2016. The aim of this directive is to significantly increase the level of protection for critical infrastructures and digital services in the EU. In contrast to the previous version, NIS 2 significantly expands the scope of application and now also includes smaller companies, which could directly affect many start-ups.

Main contents of the NIS 2 Directive

The Directive defines the Focus on the followingcore aspects: The Introduction of Risk management measures in the cybsafety, Mobligations for Security incidents that Implementation of Concepts for Evaluation of the Effectiveness of IT security measures, the training of Employees in cyber security issues and the regular transfertesting and actualization of the Safety measures.

In concrete termsthis means that companies areare obligedd to take appropriate technicaland organizationalorganizational measures to minimize risks to the security of network andd information systems manage. This includes Local implementationperformance of Risiko analyzes, the implementation of security concepts andd the establishment of processes for detection, mreporting and reactingtion to security incidents.

Another importantaspect is the training andd sensitization of Employees. Z The aim is is to acquire sufficient knowledgeknowledge and skills to recognition andd assessment of risks and management practices in the in the area of cybersecurity mediate. Reg Regular reviewsand updates of theupdates of the measures takenmeasures are alsoalso necessary in order to with the constantly evolvingevolving threat landscape.keep pace with the constantly evolving threat landscape.

Thesecomprehensiverequirementsespecially for young and growingcompanies challengeas there are often limited resourcresources for the implementation availableehen. Nevertheless It is essential that the requirements of the NIS 2 Directive seriously seriously andd promptly take appropriatemeasures to strengthenIT security-security take action. One early engagementwith the requirements the requirements andd the use of fexpert supportsupport can help to minimize compliance-risks and minimizerisks and increase resilience againstagainst cyber attackssustainablytion.

Implementation deadline and consequences

The deadline for transposing the NIS 2 Directive into national law is October 17, 2024, from which date affected companies must comply with the requirements. Non-compliance could result in severe fines of up to 10 million euros or 2% of annual global turnover. These potential penalties underline the urgency of dealing with the requirements in good time.

Significance for IT start-ups

For many start-ups in the IT sector, NIS 2 represents a new challenge, but also an opportunity: the implementation of robust cyber security measures will become mandatory, which will increase resilience to cyber attacks in the long term. Companies that implement NIS 2 at an early stage can use this as a quality feature and a sign of trust towards customers and partners, which can give them a competitive advantage. By complying with NIS 2 standards, startups signal that they take the security of their systems and data seriously and are willing to invest in cyber security. This can strengthen the trust of customers and investors and improve the company’s reputation.

Even if a startup is not directly covered by the NIS 2 directive, business partners or customers who are subject to the directive can demand appropriate security standards. In an increasingly networked business world, it is important that smaller companies in the supply chain also take appropriate security measures. Start-ups that focus on NIS 2 compliance at an early stage can position themselves as reliable and trustworthy partners and improve their chances of working with larger companies.

In addition, fast-growing startups should consider the NIS 2 requirements at an early stage in order to be prepared if the threshold values are exceeded and to avoid any nasty surprises. By planning ahead and implementing security measures step by step, startups can avoid having to retrofit later under time pressure and at high cost. Addressing NIS 2 at an early stage enables security to be integrated into the company culture and processes from the outset and to scale with the growth of the company.Overall, the NIS 2 directive offers IT startups the opportunity to raise their cyber security to a high level, build trust with customers and partners and prepare for future growth. By being proactive, startups can overcome the challenges and reap the benefits of strong cybersecurity.

Recommendations for action

In order to meet the requirements of the NIS 2 Directive in good time, IT start-ups should consider the following steps: Firstly, assessing how affected the company is based on its size and area of activity, followed by a gap analysis to identify where action is needed. Developing and implementing an information security management system (ISMS) and training employees in cyber security issues are other important aspects. Regular reviews and updates of security measures must not be neglected.

The implementation of the NIS 2 Directive may initially appear to be an additional burden, but it offers the opportunity to improve IT security in the long term and position yourself as a trustworthy partner in the digital ecosystem. IT start-ups should use the time remaining until October 2024 to prepare thoroughly and implement the necessary measures. Dealing with NIS 2 at an early stage can not only minimize compliance risks, but also create a competitive advantage in an increasingly security-conscious market.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: AnalyseCompetitive advantageComplianceDevelopmentEmployeesEuGrowthInformationIT SecurityReviewrightSicherheitStartupsTraining

Weitere spannende Blogposts

Capital increase with premium: Gift tax pitfalls and solutions for start-ups

Capital increase with premium: Gift tax pitfalls and solutions for start-ups
10. October 2024

As an experienced lawyer for IT law, corporate law and media law, I have been observing an interesting development in...

Read moreDetails

AI and contract generators for GTC – An opportunity for standard contracts or a risk for your company?

AI and contract generators for GTC – An opportunity for standard contracts or a risk for your company?
9. May 2023

AI and contract generators - the future of T&C creation? In today's digital world, artificial intelligence (AI) and automated processes...

Read moreDetails

Small Business Owners, VALUE Added Tax and Price Information Regulation

Online shops: Attention to advertising with EIA
11. March 2019

In line with this article, we would also like to provide some information on small businesses in accordance with Section...

Read moreDetails

Differential taxation and price indications Regulation

Online shops: Attention to advertising with EIA
11. March 2019

In tax law, lawyers can usually argue even more than is not otherwise the case in civil and industrial property...

Read moreDetails

BGH on time limits and costs and closing letters for preliminary injunctions.

BGH considers Uber Black to be anti-competitive
26. May 2023

Introduction The landscape of German law is constantly in flux, characterized by ongoing adjustments and clarifications. A central role in...

Read moreDetails

Repackaging of medicines is trademark violation!

Attention with Black Friday advertising!
17. October 2019

In the preliminary injunction procedure for the repackaging of a cancer drug by a drug importer, the 6th Civil Senate...

Read moreDetails

Legal issues in focus – video series in collaboration with 1Pitch

Legal issues in focus – video series in collaboration with 1Pitch
1. December 2023

I am pleased to share an exciting development: In collaboration with 1Pitch, I have launched a video series on various...

Read moreDetails

Are trading apps allowed to restrict trading?

Are trading apps allowed to restrict trading?
7. November 2022

Attention: Due to the explosive nature of the current situation, this blog post must not be understood as concrete legal...

Read moreDetails

Between player rights and provider obligations – dealing with blocked gaming accounts

Between player rights and provider obligations – dealing with blocked gaming accounts
19. November 2023

Introduction As a lawyer with a history in the gaming sector, I often come across cases involving blocked gaming accounts....

Read moreDetails
Contractual regulations for no-code/low-code software development
Other

Contractual regulations for no-code/low-code software development

21. May 2025

No-code and low-code platforms enable rapid software development without extensive manual programming. Applications are increasingly being developed on the basis...

Read moreDetails
Erotic content on OnlyFans: Copyright and personality rights protection for creators

Erotic content on OnlyFans: Copyright and personality rights protection for creators

20. May 2025
Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

19. May 2025
Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

18. May 2025
From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

17. May 2025

Podcastfolge

da884f9e2769f2f96d6b74255be62c27

The role of the IT lawyer

5. September 2024

In this exciting podcast episode, we delve into the fascinating world of IT start-ups and find out why an experienced...

Read moreDetails
fcb134a2b3cfec5d256cf9742ecef1cd

The unconventional lawyer: a nerd in the service of the law

26. September 2024
75df8eaa33cd7d3975a96b022c65c6e4

Life as an IT lawyer, work-life balance, family and my career

26. September 2024
d00527fd01b1f807a4f80c0f202069e7

Legal basics for startup founders – how to start on the safe side!

9. November 2024
8ffe8f2a4228de20d20238899b3d922e

Web3, blockchain and law – a critical review

26. September 2024

Video

My transparent billing

My transparent billing

10. February 2025

In this video, I talk a bit about transparent billing and how I communicate what it costs to work with...

Read moreDetails
Fascination between law and technology

Fascination between law and technology

10. February 2025
My two biggest challenges are?

My two biggest challenges are?

10. February 2025
What really makes me happy

What really makes me happy

10. February 2025
What I love about my job!

What I love about my job!

10. February 2025
  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung