Violations result in a fine
Cabinet wants to decide on specifications for infrastructure protection
The operators of critical infrastructure are responsible for protecting their systems. Since the well-being of many people depends on everything going smoothly for them, there should be clear rules.
This Wednesday, the cabinet wants to approve a draft for a “Kritis umbrella law” that provides rules to protect energy companies, airports and other large infrastructure facilities. If operators do not adhere to this, they will have to expect fines in the future. The law requires registration and the development of plans to increase resilience. In addition, operators should be obliged to report incidents.
Critical infrastructure (Kritis) within the meaning of the law includes eleven sectors: energy, transport and traffic, finance and insurance, public administration, health, nutrition, drinking water, wastewater, municipal waste disposal, information technology, telecommunications and space. The new law is intended to provide operators with cross-sector requirements for the first time with a view to strengthening the resilience of these infrastructures. Operators would generally have to take all potential dangers into account: from natural disasters to human error to acts of sabotage.
Critical infrastructure includes facilities that are important for the overall supply in Germany and serve more than 500,000 people. In addition, mutual dependencies are taken into account – for example, transport routes are also essential for the supply of food.
Draft law implements EU directive
In order to meet the protection requirements of the European Union (CER Directive), the Kritis umbrella law should actually have come into force in October 2024 at the latest. The draft that the Federal Ministry of the Interior has now presented stipulates that operators of systems that are part of the critical infrastructure will be on a common platform of the Federal Office for Civil Protection and Disaster Assistance (BBK) and the IT Department by July 17, 2026 at the latest – Register with the Federal Office for Information Security (BSI) responsible for security. The operators then have until May 2027 to take appropriate measures to ensure their functionality.
Critical infrastructure systems ensure that the population is supplied with electricity, drinking water and other essential goods at all times. According to the plans of Federal Interior Minister Nancy Faeser (SPD), the stricter protective regulations should affect both state institutions and private companies of a certain size.
dpa
Source: Stern
I have been working in the news industry for over 6 years, first as a reporter and now as an editor. I have covered politics extensively, and my work has appeared in major newspapers and online news outlets around the world. In addition to my writing, I also contribute regularly to 24 Hours World.
