• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Who is affected by the new IT security guideline?

13. August 2024
in Other
Reading Time: 8 mins read
0 0
A A
0
eacdf2e96129370b1608edb115f7bf58
Key Facts
  • NIS 2 Directive must be implemented by October 17, 2024, primarily affects IT start-ups in the EU
  • The directive significantly increases the level of protection for critical infrastructures and digital services.
  • Regulatory requirements must not be neglected in dynamic start-up environments; IT security is essential.
  • Companies must implement risk management measures, security incident reports and regular checks.
  • Early measures reduce compliance risks and increase customer and investor confidence.
  • Non-compliance can lead to penalties of up to 10 million euros or 2% of annual turnover.
  • Proactive planning enables integrated security measures and competitive advantages for start-ups.

While vany entrepreneurs in the IT and startup-sector are struggling with the daily challengeschallenges of business developmentare preoccupied with thean important important deadline that could easily be overlooked easily overlooked: Themplementation of the NIS 2 Directive by October 17 2024 Surprisingly many companies havecompanies have important newinnovation on the screen, even thoughthe consequencesbe far-reaching can. These EU Directive on the Network andd Information security concernsmeets more uncompany as one initially assumeswould benefit thespecial also Innovative startups in the IT sector.The Directive aims toon off, the shlevel of protection for critical infrastructures andd digital servicesste in the EU clearly to increasetion. But not Only established companiescompanies have to adapt to the new requirementsorders. Also Young, up-and-coming startups should take the NIS 2 directive seriously and take earlytake early measures toto minimize compliance-minimize compliance risksminimize compliance risks and IT security improve. DFailure to comply with the requirements can severe finesfines as a result result.

Content Hide
1. What is NIS 2?
2. Main contents of the NIS 2 Directive
3. Implementation deadline and consequences
4. Significance for IT start-ups
5. Recommendations for action
5.1. Author: Marian Härtel

Especially in the dynamic wworld of startups, in whichgility and rapidand rapid growth are are in the foregrounde, the dealing with regulatory requirementsrequirementst take a back seat.intergroundaten. But the NIS 2 Directive makes makes it clear that IT security is not an not an option, but a a necessity. Startups that the right the rightthe right decisions can not only reduce liability risks reduce liability risks, butbut also the trust of customers and investorsand investors.

What is NIS 2?

NIS 2 stands for “Network and Information Security” and is the further development of the first NIS Directive from 2016. The aim of this directive is to significantly increase the level of protection for critical infrastructures and digital services in the EU. In contrast to the previous version, NIS 2 significantly expands the scope of application and now also includes smaller companies, which could directly affect many start-ups.

Main contents of the NIS 2 Directive

The Directive defines the Focus on the followingcore aspects: The Introduction of Risk management measures in the cybsafety, Mobligations for Security incidents that Implementation of Concepts for Evaluation of the Effectiveness of IT security measures, the training of Employees in cyber security issues and the regular transfertesting and actualization of the Safety measures.

In concrete termsthis means that companies areare obligedd to take appropriate technicaland organizationalorganizational measures to minimize risks to the security of network andd information systems manage. This includes Local implementationperformance of Risiko analyzes, the implementation of security concepts andd the establishment of processes for detection, mreporting and reactingtion to security incidents.

Another importantaspect is the training andd sensitization of Employees. Z The aim is is to acquire sufficient knowledgeknowledge and skills to recognition andd assessment of risks and management practices in the in the area of cybersecurity mediate. Reg Regular reviewsand updates of theupdates of the measures takenmeasures are alsoalso necessary in order to with the constantly evolvingevolving threat landscape.keep pace with the constantly evolving threat landscape.

Thesecomprehensiverequirementsespecially for young and growingcompanies challengeas there are often limited resourcresources for the implementation availableehen. Nevertheless It is essential that the requirements of the NIS 2 Directive seriously seriously andd promptly take appropriatemeasures to strengthenIT security-security take action. One early engagementwith the requirements the requirements andd the use of fexpert supportsupport can help to minimize compliance-risks and minimizerisks and increase resilience againstagainst cyber attackssustainablytion.

Implementation deadline and consequences

The deadline for transposing the NIS 2 Directive into national law is October 17, 2024, from which date affected companies must comply with the requirements. Non-compliance could result in severe fines of up to 10 million euros or 2% of annual global turnover. These potential penalties underline the urgency of dealing with the requirements in good time.

Significance for IT start-ups

For many start-ups in the IT sector, NIS 2 represents a new challenge, but also an opportunity: the implementation of robust cyber security measures will become mandatory, which will increase resilience to cyber attacks in the long term. Companies that implement NIS 2 at an early stage can use this as a quality feature and a sign of trust towards customers and partners, which can give them a competitive advantage. By complying with NIS 2 standards, startups signal that they take the security of their systems and data seriously and are willing to invest in cyber security. This can strengthen the trust of customers and investors and improve the company’s reputation.

Even if a startup is not directly covered by the NIS 2 directive, business partners or customers who are subject to the directive can demand appropriate security standards. In an increasingly networked business world, it is important that smaller companies in the supply chain also take appropriate security measures. Start-ups that focus on NIS 2 compliance at an early stage can position themselves as reliable and trustworthy partners and improve their chances of working with larger companies.

In addition, fast-growing startups should consider the NIS 2 requirements at an early stage in order to be prepared if the threshold values are exceeded and to avoid any nasty surprises. By planning ahead and implementing security measures step by step, startups can avoid having to retrofit later under time pressure and at high cost. Addressing NIS 2 at an early stage enables security to be integrated into the company culture and processes from the outset and to scale with the growth of the company.Overall, the NIS 2 directive offers IT startups the opportunity to raise their cyber security to a high level, build trust with customers and partners and prepare for future growth. By being proactive, startups can overcome the challenges and reap the benefits of strong cybersecurity.

Recommendations for action

In order to meet the requirements of the NIS 2 Directive in good time, IT start-ups should consider the following steps: Firstly, assessing how affected the company is based on its size and area of activity, followed by a gap analysis to identify where action is needed. Developing and implementing an information security management system (ISMS) and training employees in cyber security issues are other important aspects. Regular reviews and updates of security measures must not be neglected.

The implementation of the NIS 2 Directive may initially appear to be an additional burden, but it offers the opportunity to improve IT security in the long term and position yourself as a trustworthy partner in the digital ecosystem. IT start-ups should use the time remaining until October 2024 to prepare thoroughly and implement the necessary measures. Dealing with NIS 2 at an early stage can not only minimize compliance risks, but also create a competitive advantage in an increasingly security-conscious market.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: AnalyseCompetitive advantageComplianceDevelopmentEmployeesEuGrowthInformationIT SecurityReviewrightSicherheitStartupsTraining

Weitere spannende Blogposts

Employment law for startups

Employment law for start-ups: Important regulations when building a team
10. October 2024

Building a competent and motivated team is crucial to the success of a start-up. However, founders must observe a variety...

Read moreDetails

End of anonymity on review platforms like Kununu?

End of anonymity on review platforms like Kununu?
26. April 2024

The issue of anonymity on online review platforms such as Kununu has repeatedly given rise to debate. A recent ruling...

Read moreDetails

BGH to decide on Yelp reviews in January

No more free tissues at the pharmacy?
20. November 2019

Facts The applicant claims that Yelp is injunctive relief, determination and damages for its assessment representations. As many will know,...

Read moreDetails

ECJ rulings on compensation for data protection breaches

District Court Frankfurt a.M. on the right to be forgotten
26. June 2024

Analysis of the ECJ rulings In its recent decisions C-687/21 and C-340/21, the European Court of Justice (ECJ) provided important...

Read moreDetails

De-Minimis funding successful; still participate now

De-Minimis funding successful; still participate now
7. November 2022

The de minimis funding for the games industry has been a resounding success, with 380 applications already received by the...

Read moreDetails

Compensation in esport in case of player change?

Compensation in esport in case of player change?
19. December 2019

In the last few months, I have had to deal several times with the question of whether a team/organization is...

Read moreDetails

Geoblocking Ordinance: Attention Warning Trap

Geoblocking Ordinance: Attention Warning Trap
3. December 2018

Complex Themam but relevant for game developers and many more The topic of geoblocking can be very complex in detail...

Read moreDetails

ECJ to decide whether consumer protection agencies may issue data protection warnings

ECJ to decide whether consumer protection agencies may issue data protection warnings
7. November 2022

The Federal Court of Justice (BGH) currently has to decide whether a breach by the operator of a social network...

Read moreDetails

Co-Production Contracts in the Games Industry: A Guide for Developers

Co-Production Contracts in the Games Industry: A Guide for Developers
7. June 2023

Introduction The games industry is a dynamic and complex field that constantly offers new challenges and opportunities. One of these...

Read moreDetails
Contractual regulations for no-code/low-code software development
Other

Contractual regulations for no-code/low-code software development

21. May 2025

No-code and low-code platforms enable rapid software development without extensive manual programming. Applications are increasingly being developed on the basis...

Read moreDetails
Erotic content on OnlyFans: Copyright and personality rights protection for creators

Erotic content on OnlyFans: Copyright and personality rights protection for creators

20. May 2025
Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

19. May 2025
Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

18. May 2025
From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

17. May 2025

Podcastfolge

238a909c26a0302cbd4792cbd18e4922

Global challenges for start-ups – A legal guide

10. October 2024

This informative podcast offers a comprehensive insight into the legal challenges faced by start-ups when expanding internationally. The experienced lawyer...

Read moreDetails
43a60cb39d7ea477ac8f3845c1b7739c

Legal advice for start-ups – investments that pay off

8. December 2024
3c671c5134443338a4e0c30412ac3270

“Digital law decoded” with lawyer Marian Härtel

26. September 2024
c9c5d7fd380061a8018074c2ca5a81bf

Startups and innovation in Germany – challenges and opportunities

26. September 2024
8ffe8f2a4228de20d20238899b3d922e

Web3, blockchain and law – a critical review

26. September 2024

Video

My transparent billing

My transparent billing

10. February 2025

In this video, I talk a bit about transparent billing and how I communicate what it costs to work with...

Read moreDetails
Fascination between law and technology

Fascination between law and technology

10. February 2025
My two biggest challenges are?

My two biggest challenges are?

10. February 2025
What really makes me happy

What really makes me happy

10. February 2025
What I love about my job!

What I love about my job!

10. February 2025
  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung