The impact of current cybersecurity guidelines on companies without CRITIS relevance

The new EU directives on cybersecurity have significantly expanded the requirements and areas of application for all transport organisations, so that current non-CRITIS railways are also obliged to implement increased cybersecurity measures. This affects railway undertakings (RU) and railway infrastructure organisations alike. The implementation of the directives into German law has already been published in a draft bill and is presented in this article.

Read the full story in the PDF below or online/printed at:


Dr. Martin Koop

Your contact person
Dr. Martin Koop
ATO, Risk Assessment, (Pen) Testing, Network Architecture, Cyber Security Strategy & Technology