Cabinet: Law is intended to make attacks on critical infrastructure more difficult

Strict guidelines for energy companies, airports and other large infrastructure facilities should in future better protect Germany from sabotage, terrorist attacks and the consequences of natural disasters. The Federal Cabinet has decided this Wednesday the draft for a “criticism roof law”. This provides for uniform rules to protect the so -called critical infrastructure.

The operators of critical systems are therefore obliged, among other things, to “ensure adequate physical protection of properties and critical systems”. They also have to ward off incidents and limit their negative effects. How these effects can look like in the specific case has shown the large -scale power failure in parts of Berlin after an arson attack this week.

“With the Critical Law, we make Germany more resistant to crises and attacks,” says Federal Interior Minister Alexander Dobrindt (CSU). With uniform minimum standards, risk analyzes and malfunction monitoring, the defensive capacity and resilience of the facilities of the critical infrastructure would increase.

Anyone who ignores the specifications must pay fine

If operators do not adhere to the requirements of the new law, they should have to expect fines. The draft law prescribes you, among other things, registration and the development of plans to increase resistance. The operators should also be obliged to report accidents.

There was already a cabinet decision on the legislative government. After the coalition of the SPD, Greens and FDP coalition, there was no longer a majority in the Bundestag.

The critical infrastructure (criticism) in the sense of the law includes ten sectors: energy, transport and transport, finance, social security, health, nutrition, water, water disposal, information technology and telecommunications as well as space. With the new law, the operators should be made for the first time across sectors with regard to strengthening the resilience of these infrastructures.

Only large facilities affected

The critical infrastructure includes institutions that are important for overall care in Germany and provide more than 500,000 people. In addition, mutual dependencies are taken into account – for example, transport routes are also essential for the supply of food.

From the perspective of experts, the criticism of the roof law and the implementation of the European NIS 2 directive, which deals with the protection of important facilities against cyber attacks, are two important components of an overall strategy to make Germany more resistant.

Reviews for specifications for IT protection required

The draft for the implementation of NIS-2 in German law, which has already passed the cabinet, is to be discussed in the Bundestag for the first time this Thursday. The Federal Association of Energy and Water Management and the Association of Local Companies see considerable improvement in some points.

In a joint position paper, you demand, among other things, to give the companies “Blacklists” not more trustworthy or “Whitelists” from manufacturers who are considered trustworthy – instead of obliging them to report individual reports. The draft currently stipulates that operators of critical systems must report the planned first use of a critical component in advance to the Federal Ministry of the Interior, which can prohibit it if necessary.