Protection against hackers: Federal Ministry of the Interior prepares cyber security law

According to a number of delays, the Federal Government plans to legally anchor the rules for the protection of important systems and companies decided by the European Union by early 2026. “The Federal Ministry of the Interior is currently promoting this topic at the moment,” said the President of the Federal Office for Information Technology (BSI), Claudia Plattner, the German Press Agency. “I have hope that we can get into force in early 2026.” According to the Ministry of the Interior, the countries and affected associations were listened to the design.

Protection against blackmail and sabotage

With the implementation of the European NIS 2 directive, more cyber security is to be created by companies and institutions. The important facility within the meaning of the law includes larger companies in the sectors of energy, transport, drinking water, food production, waste water and telecommunications. The idea behind it: If you were no longer able to work – for example because a hacker encrypted your data or blocked access to it – this would have a significant impact on the population.

The obligation to implement certain security measures for the defense and coping of cyber attacks should in future affect an estimated around 29,000 companies and thus significantly more than before. The BSI currently looks after around 4,500 operators of critical infrastructure that have to meet certain standards in terms of cybersecurity.

A “NIS-2 personnel test” has been online for about four months. This allows everyone to find out whether the planned stricter rules apply to him or not. According to BSI, the test has been used more than 200,000 times. However, Plattner still has the impression: “The requirements that come to the affected companies and institutions still do not really have on the screen.”

Implementation period ran in October

The deadline for the NIS-2 guideline expired on October 17, 2024. By this date, all EU member states should have implemented the directive into national law. Germany and numerous other EU countries have not complied with the deadline. The traffic light coalition had decided in the cabinet in July 2024. After the coalition of the SPD, Greens and FDP’s coalition, however, there was no longer a majority in the Bundestag. “Because we didn’t make it anymore in the last legislative period, there is now really a pace,” warns the BSI president.