CER Directive: German legislator presents a new draft of the local implementation
Written By
Associate
Germany
I am a seasoned attorney situated at the Bird & Bird Düsseldorf office, with a specialisation in cybersecurity and data protection law, and a co-head of the Bird & Bird International Cybersecurity Steering Group.
Related
Practices
Sectors
Regions
Countries
The German legislator continues its work on the national implementation of the Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC (“CER Directive”), the so-called “Umbrella Law to Strengthen the Physical Resilience of Operators of Critical Entities” (in German: “KRITIS-Dachgesetz”).
Toward the end of the year, the Federal Ministry of the Interior presented a revised draft for the KRITIS-Dachgesetz aimed at enhancing the protection of critical facilities against physical threats such as natural disasters, accidents, or sabotage. It incorporates feedback from industry and civil society, and is planned to become effective on 18 October 2024, with some exceptions. The main obligations for operators, including risk assessments, resilience measures, and reporting requirements, are set to begin on 17 July 2026 (with respect to the CER developments in other countries, see our CER Directive Implementation Tracker).
The full article was published in the Connected newsletter.
TO SUBSCRIBE TO OUR CONNECTED NEWSLETTER CLICK HERE
For more information, please contact Dr. Natallia Karniyevich.
