SIGNAL+DRAHT | Ausgabe 10/2023
The impact of current cybersecurity guidelines on companies without CRITIS relevance
The new EU directives on cybersecurity have significantly expanded the requirements and areas of application for all transport organisations, so that current non-CRITIS railways are also obliged to implement increased cybersecurity measures. This affects railway undertakings (RU) and railway infrastructure organisations alike. The implementation of the directives into German law has already been published in a draft bill and is presented in this article.