The new EU directives on cybersecurity significantly expand the requirements and areas of application for all transport companies, meaning that current non-KRITIS railway companies are also obliged to implement increased cybersecurity measures. This applies equally to railway undertakings (RUs) and railway infrastructure companies (RIUs).
The transposition of the directives into German law has already been published in the draft bill, which is presented in this article.
The complete article can be found in the PDF (below) or in the magazine at:
https://www.eurailpress.de/magazine.html
INCYDE GmbH
Unter den Linden 21
10117 Berlin