CER Directive: German legislator presents a new draft of the local implementation

Written By

natallia karniyevich module
Dr. Natallia Karniyevich

Associate
Germany

I am a seasoned attorney situated at the Bird & Bird Düsseldorf office, with a specialisation in cybersecurity and data protection law, and a co-head of the Bird & Bird International Cybersecurity Steering Group.

The German legislator continues its work on the national implementation of the Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC (“CER Directive”), the so-called “Umbrella Law to Strengthen the Physical Resilience of Operators of Critical Entities” (in German: “KRITIS-Dachgesetz”).

Toward the end of the year, the Federal Ministry of the Interior presented a revised draft for the KRITIS-Dachgesetz aimed at enhancing the protection of critical facilities against physical threats such as natural disasters, accidents, or sabotage. It incorporates feedback from industry and civil society, and is planned to become effective on 18 October 2024, with some exceptions. The main obligations for operators, including risk assessments, resilience measures, and reporting requirements, are set to begin on 17 July 2026 (with respect to the CER developments in other countries, see our CER Directive Implementation Tracker).

The full article was published in the Connected newsletter.

TO SUBSCRIBE TO OUR CONNECTED NEWSLETTER CLICK HERE

For more information, please contact Dr. Natallia Karniyevich.


Latest insights

More Insights
featured image

The pendulum swings back: Optis v Apple Court of Appeal FRAND judgment – Rapid reaction

22 minutes May 02 2025

Read More
featured image

KSA: SDAIA Opens Consultation for New Data Protection Consultancy Rules

3 minutes May 01 2025

Read More
cameras

Connected - April 2025

Apr 30 2025

Read More