NIS2 Law: New Requirements and How Companies Can Prepare

On November 13, 2025, the Bundestag passed the law implementing the European NIS2 Directive. This will raise cybersecurity in Germany to a new level. Following the approval of the Bundesrat, companies are obliged to introduce comprehensive security measures – in particular operators of critical infrastructures and organizations of high social importance.

What Does NIS2 Mean in Concrete Terms?

  • Extended scope: Around 29,500 companies are affected – from energy suppliers to healthcare providers and digital platforms.
  • Obligations: Registration with the BSI, reporting obligations for security incidents, implementation of technical and organizational measures, and consideration of supply chain risks.
  • Strict sanctions: Violations can result in substantial fines.

How Can Companies Prepare?

Implementing the NIS2 requirements calls for a structured approach. Our Pink handout on preparing a disaster recovery concept (DR concept) offers a practical starting point. It shows how companies – even without external support – can lay the foundation for a robust Business Continuity Management System (BCMS).

What is Possible with the Handout?

The document contains:

  • Recommended document structure for BCMS: Guidelines, scope document, risk assessment, BIA report, crisis and communication plans.
  • Checklists for the project start: Which files and information must be available (e.g. BCMS guideline, risk matrix, DR workbook, recovery plan).
  • Requirements catalog: Technical and organizational requirements for IT systems, infrastructure and emergency teams.
  • Process description: From the activation of the crisis team to the recovery of critical systems.
  • Templates and workbooks: For DR plans, tests and continuous improvement.

This allows companies to:

  • Independently build an initial BCMS structure.
  • Identify and prioritize risks (including RTO/RPO specifications).
  • Create emergency and recovery plans that comply with NIS2 requirements.
  • Prepare regular tests and audits to ensure compliance.

Our Offer

Of course, we are happy to assist our customers and interested parties – from consulting to the creation of a complete DR concept to managed services. But with our handout, you can start today and create the basis for NIS2 compliance.

Act Now!

The time until implementation is short. Those who are prepared minimize risks and avoid high fines.
👉 Request our handout or contact us for individual advice.
