{"id":3205,"date":"2024-03-12T12:25:34","date_gmt":"2024-03-12T11:25:34","guid":{"rendered":"https:\/\/pilz-magazine.com\/de\/?p=3205"},"modified":"2024-09-11T10:27:15","modified_gmt":"2024-09-11T08:27:15","slug":"security-nis2-cra-publication-2024","status":"publish","type":"post","link":"https:\/\/pilz-magazine.com\/en\/security-nis2-cra-publication-2024\/","title":{"rendered":"Security legislation: What\u2019s happening in 2024?"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">NIS 2: More obligations for more companies<\/h2>\n\n\n\n<p>The direc\u00adtive for Net\u00adwork and Infor\u00adma\u00adtion System Secu\u00adrity 2 EU 2022\/2555 (NIS 2) spec\u00adi\u00adfies mea\u00adsures for a high col\u00adlec\u00adtive cyber secu\u00adrity level in the EU. The NIS law, pre\u00advi\u00adously the national imple\u00admen\u00adta\u00adtion of NIS&nbsp;1, pri\u00admarily applied to crit\u00adical infra\u00adstruc\u00adture and providers of rel\u00ade\u00advant dig\u00adital ser\u00advices. NIS&nbsp;2 expands the sec\u00adtors, for example to include the manufacturing\/producing trades: Engi\u00adneering, man\u00adu\u00adfac\u00adturers of data pro\u00adcessing devices, elec\u00adtronic and optical prod\u00aducts, elec\u00adtrical equip\u00adment, motor vehi\u00adcles and motor vehicle parts as well as any other vehicle con\u00adstruc\u00adtion. Within these indus\u00adtries, com\u00adpa\u00adnies with more than 50 employees OR an annual turnover or an annual bal\u00adance sheet of over 10 mil\u00adlion euros are affected.<\/p>\n\n\n\n<div class=\"wp-block-group link-pilz alignright align-outside is-layout-constrained wp-block-group-is-layout-constrained\">\n<p><a href=\"https:\/\/www.pilz.com\/en-INT\/support\/law-standards-norms\" target=\"_blank\" rel=\"noreferrer noopener\">Laws and stan\u00addards \u2013 knowl\u00adedge related to machinery safety<\/a><\/p>\n<\/div>\n\n\n\n<p>These com\u00adpa\u00adnies will be obliged in future to imple\u00adment risk man\u00adage\u00adment mea\u00adsures for cyber secu\u00adrity, such as cre\u00adating risk analyses and safety con\u00adcepts for infor\u00adma\u00adtion sys\u00adtems, pro\u00adtec\u00adtion of the supply chain and the safety of the per\u00adsonnel, as well as con\u00adcepts for access con\u00adtrol and the man\u00adage\u00adment of plants. There is also manda\u00adtory training for the man\u00adage\u00adment. In the event of cer\u00adtain secu\u00adrity inci\u00addents, called sig\u00adnif\u00adi\u00adcant inci\u00addents, an early warning must be issued within 24&nbsp;hours and a mes\u00adsage must be sent to the respon\u00adsible authority within 72&nbsp;hours.<\/p>\n\n\n\n<p>In case of vio\u00adla\u00adtions, there is a threat of severe sanc\u00adtions such as penal\u00adties of 7&nbsp;mil\u00adlion euros or 1.4 per\u00adcent of the total annual turnover, and nat\u00adural per\u00adsons (senior employees) can be ren\u00addered liable. The direc\u00adtive was adopted at the end of 2022 by the Euro\u00adpean Par\u00adlia\u00adment and the Council of the EU. The EU member states have until 18\/10\/2024 to adopt the direc\u00adtive into domestic law.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/pilz-magazine.com\/en\/wp-content\/uploads\/sites\/24\/2024\/03\/Pilz-Security-Richtlinie-fuer-Netz-und-Informationssicherheit-NIS-1024x640.jpg\" alt class=\"wp-image-3208\"><figcaption class=\"wp-element-caption\">A number of changes relating to the topic of Secu\u00adrity are cur\u00adrently pending in industry. Pilz sup\u00adports its cus\u00adtomers with training courses and ser\u00advices to ensure that they can meet these require\u00adments. \u00a9&nbsp;adiruch na chiangmai\/Fotolia.com; \u00a9&nbsp;Pilz GmbH &amp; Co. KG, Ost\u00adfildern<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Cyber Resilience Act \u2013 Security for the whole product lifecycle<\/h2>\n\n\n\n<p>In Sep\u00adtember 2022, the Euro\u00adpean Com\u00admis\u00adsion sub\u00admitted a draft for a reg\u00adu\u00adla\u00adtion intended to increase the cyber secu\u00adrity of prod\u00aducts. This Cyber Resilience Act is directed toward man\u00adu\u00adfac\u00adturers of prod\u00aducts with dig\u00adital ele\u00adments (hard\u00adware and soft\u00adware) that are capable of com\u00admu\u00adni\u00adcating with other prod\u00aducts. In other words, prod\u00aducts from the B2C seg\u00adment such as smart\u00adphones or robotic vacuum cleaners are affected by this, as are those from the B2B seg\u00adment such as con\u00adtrollers and sen\u00adsors as well as pure soft\u00adware prod\u00aducts such as oper\u00adating sys\u00adtems.<\/p>\n\n\n\n<p>How great the impact will actu\u00adally be depends on the cri\u00adteria that are ulti\u00admately estab\u00adlished for clas\u00adsi\u00adfying prod\u00aducts. In accor\u00addance with the Cyber Resilience Act, only prod\u00aducts that guar\u00adantee an appro\u00adpriate level of cyber secu\u00adrity may be placed on the market \u2013 and that\u2019s over the whole life\u00adcycle of a product. Experts antic\u00adi\u00adpate that the reg\u00adu\u00adla\u00adtion will be adopted in 2024. The Cyber Resilience Act is an EU reg\u00adu\u00adla\u00adtion and will thus be imme\u00addi\u00adately valid in the EU member states.<\/p>\n\n\n\n<p>Pilz is care\u00adfully observing leg\u00adis\u00adla\u00adtion in the Indus\u00adtrial Secu\u00adrity field on behalf of its cus\u00adtomers. New legal require\u00adments are reg\u00adu\u00adlarly inte\u00adgrated into the training and con\u00adsulting offer.<\/p>\n\n\n\n<div class=\"wp-block-group link-pilz is-layout-constrained wp-block-group-is-layout-constrained\">\n<p><a href=\"https:\/\/www.pilz.com\/en-DE\/products\/industrial-security\/security-norm\" target=\"_blank\" rel=\"noreferrer noopener\">Back\u00adground infor\u00adma\u00adtion on Indus\u00adtrial Secu\u00adrity<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>In terms of Safety and Secu\u00adrity, machine builders and oper\u00ada\u00adtors are cur\u00adrently facing a number of legal require\u00adments. What\u2019s hap\u00adpening in 2024?<\/p>\n","protected":false},"author":27,"featured_media":3218,"comment_status":"open","ping_status":"closed","sticky":false,"template":"template-cover.php","format":"standard","meta":{"_acf_changed":false,"wp_typography_post_enhancements_disabled":false,"footnotes":""},"categories":[59,13,27],"tags":[],"class_list":["post-3205","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-issue-1-2024","category-knowledge","category-laws-and-standards"],"acf":[],"_links":{"self":[{"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/posts\/3205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/comments?post=3205"}],"version-history":[{"count":3,"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/posts\/3205\/revisions"}],"predecessor-version":[{"id":3492,"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/posts\/3205\/revisions\/3492"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/media\/3218"}],"wp:attachment":[{"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/media?parent=3205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/categories?post=3205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pilz-magazine.com\/en\/wp-json\/wp\/v2\/tags?post=3205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}