SD
SIGNAL+DRAHT | Issue 10/2023

The impact of current cybersecurity guidelines on companies without CRITIS relevance

October 2023 | Martin Koop

The new EU directives on cybersecurity have significantly expanded the requirements and areas of application for all transport organisations, so that current non-CRITIS railways are also obliged to implement increased cybersecurity measures. This affects railway undertakings (RU) and railway infrastructure organisations alike. The implementation of the directives into German law has already been published in a draft bill and is presented in this article.