Skip to content

On Dec. 5, 2025, the German act implementing the EU NIS 2 Directive was published. The centerpiece of the German implementation is the newly revised Act on the Federal Office for Information Security (Gesetz über das Bundesamt für Sicherheit in der Informationstechnik – BSI Act, BSIG), which redefines security-related requirements for companies and public bodies across Germany and fundamentally modernizes the regulatory framework for IT security. The number of regulated entities may increase from approximately 4,500 to around 29,000. For these entities, the new requirements will generally apply from the day after publication in the Federal Law Gazette; there is no general transitional period. In practice, this means that cybersecurity may no longer be viewed primarily as a technical task for the IT department, but becomes an immediate, liability-exposed leadership responsibility of a company’s management body.

Click here to read the full GT Alert.

Tags: cybersecurity, European Union, Germany, GT Insight
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Christoph Enaux Christoph Enaux

Christoph Enaux chairs the German Telecommunications Sector Group as well as the German Regulatory and Competition Practice Group.

Christoph advises on commercial and regulatory aspects of new business models in the TMT sector. In addition, he supports clients from various sectors on merger

Christoph Enaux chairs the German Telecommunications Sector Group as well as the German Regulatory and Competition Practice Group.

Christoph advises on commercial and regulatory aspects of new business models in the TMT sector. In addition, he supports clients from various sectors on merger control and antitrust proceedings, including commercial and regulatory litigation. As the head of the Digital Real Estate Focus Group, he also focuses on the legal issues relating to the use of digital technologies in the real estate sector.

Prior to joining the firm, Christoph was a partner at Olswang in Berlin and worked in the Technology, Media and Telecommunications Group at Linklaters for five years.

Concentration

  • Merger control
  • Antitrust
  • Broadcasting
  • Media and technology
  • Digital real estate
Read more about Christoph Enaux
Show more Show less
Photo of Dr. Philip Radlanski Dr. Philip Radlanski

Philip Radlanski is a Local Partner in the IP & Technology Practice Group. He advises clients ranging from early-stage start-ups to large corporations on privacy and cybersecurity issues. His work focuses on complex and innovative data-heavy projects, often with cross-border aspects. He also

Philip Radlanski is a Local Partner in the IP & Technology Practice Group. He advises clients ranging from early-stage start-ups to large corporations on privacy and cybersecurity issues. His work focuses on complex and innovative data-heavy projects, often with cross-border aspects. He also assists with addressing cybersecurity issues, including data breach incident management and response. He gained strong recognition throughout Europe for his representation in the first German trial against a GDPR fine, in which he was able to achieve a reduction of the multimillion-euro fine by more than 90 percent.

Philip is known for his pragmatic approach, which he was able to further refine through several months of secondments to the legal departments of a leading German internet service provider and an internationally operating online marketplace for food delivery. A further one-year secondment to the Global Privacy & Data Security Group of an international law firm in New York shaped Philip’s understanding of the U.S. market and U.S. clients.

Prior to practicing as an attorney, Philip worked as a research assistant at the University of Regensburg, Germany, and as a visiting tutor at King’s College London, UK. He also worked with the German Federal Film Board, the cybercrime division of the Berlin District Attorney’s Office, and for different international law firms in Berlin, New York, and Sydney.

He is a member of the German Association for the Protection of Intellectual Property and Copyright (GRUR), the International Technology Law Association (ITechLaw), and the Bauhaus Archive.

Read more about Dr. Philip RadlanskiPhilip's Linkedin Profile
Show more Show less
Related Posts
Berlin
New DSK Guidelines Aim to Set the Standard for International Research Collaborations
November 6, 2025
GDPR europe map lock data privacy
EU NIS 2 Directive: Expanded Cybersecurity Obligations for Key Sectors
August 28, 2025
Berlin
Digital Policy: Highlights of the German Coalition Agreement 2025
April 15, 2025