Webinars, Meetings and Events

In 2025, the KRITIS CG organised and facilitated various meetings to strengthen the technical discourse on the security of critical infrastructure.

13 February 2025 – Session on the “NIS2 Implementing Guide”: The programme kicked off with an expert meeting focusing on ENISA’s technical guide. The event centred on the methodological and technical implementation of the far-reaching NIS2 requirements. To provide participants with practical guidance, a special handout containing detailed recommendations for operators of critical infrastructures (KRITIS) was published following the event.

9 April 2025 – NIS2: Implementation and Practical Experience: At this expert meeting of the KRITIS CG, the group discussed the practical challenges and experiences to date regarding the implementation of the NIS2 Directive in companies.

8 July 2025 – KRITIS Regulatory Expert Meeting: This meeting focused on current regulatory requirements. Following the official welcome at 13:00, the agenda began at 13:15 with eco’s statement on the evaluation of the Cybersecurity Act (CSA). This was followed by an in-depth discussion on how companies can overcome the challenges posed by NIS2, the Cyber Resilience Act and the e-Evidence Regulation in practical implementation.

8 December 2025 – E-Evidence in practice: At the end of the year, the thematic focus of the KRITIS CG was on the preservation of electronic evidence. The agenda included a keynote speech on the current status of the E-Evidence Regulation at EU level, as well as discussions on technical implementation. Another key focus was the presentation on the German Federal Network Agency (BNetzA)’s new Security Catalogue.

Press Releases

The KRITIS Competence Group’s media presence was strongly characterised by proactive press releases on the most important planned legislation:

16 April 2025 – Start of the DORA reporting period: Just in time for the start of the regulatory submission period under the Digital Operational Resilience Act (DORA), the eco Association published a statement highlighting that the NIS2 implementation is massively increasing the pressure on digital supply chains.

22 April 2025 – Warning regarding the shutdown of the CVE database: In an urgent statement, eco Board Member Klaus Landefeld warned of the global consequences of the impending end of the central CVE (Common Vulnerabilities and Exposures) project due to the withdrawal of US funding and called for a swift, internationally coordinated solution.

30 July 2025 – NIS2 cabinet decision adopted: KRITIS CG commented on the national implementation. KRITIS expert Ulrich Plate emphasised that companies must urgently use this time to evaluate existing security architectures and refine internal risk analyses.

10 September 2025 – German Cabinet Decision on the KRITIS Umbrella Act: eco also commented on the new draft bill for the KRITIS Umbrella Act. Ulrich Plate welcomed the creation of a uniform framework for physical security, but explicitly warned against double obligations for operators.

News & Expert Articles

In addition, the Competence Group carried out extensive awareness-raising work in the form of news articles and external publications:

In a guest article in ServiceToday magazine entitled “NIS2 is coming – and changing more than just compliance”, experts from the Competence Group explained that the new requirements necessitate far-reaching changes in operational IT security.

dotmagazine 

To ensure the challenges facing the German Internet industry are heard in the international discourse, representatives of the KRITIS CG and the eco Board published an article in the English-language industry dotmagazine.

NIS2 and CER Rippling the Waves: In this specialist article, Ulrich Plate, Leader of eco KRITIS CG, analyses in detail how the European NIS2 and CER (Critical Entities Resilience) directives will reshape large parts of the European economy through strict requirements. Particular focus is placed on the obligation of senior management to personally approve and oversee cyber risk management measures.

Infrastructure, Interconnection, Innovation: What 30 Years Have Taught Us: Klaus Landefeld, eco Board Member for Infrastructure and Networks, outlines in this article the 30-year development of digital infrastructure in Germany – from pure research networks to the critical lifeline of today’s economy. He calls for strategic cooperation and the consistent expansion of robust infrastructure in the future.