NIS-2 and CRA:
Cybersecurity update for IT contracts
DESCRIPTION
The NIS-2 Directive and the Cyber Resilience Act form the foundation of a new European cybersecurity architecture. In total, thousands of companies and public bodies will be affected by the new cybersecurity requirements. While the requirements can be implemented internally by introducing or supplementing processes and guidelines, the requirements must also be enforced in the supply chain towards suppliers and third-party providers. The presentation will first provide an update on the current status of the two new European legal acts and explain pitfalls in the scope of application and implementation of the requirements. It will then use sample clauses to show how the new cybersecurity law requirements should be taken into account in IT contracts with third-party providers.
WHY THE COMMITTEE CHOSE THIS TALK
The EU keeps up coming with new ideas regarding regulations. Christoph and Stefan will keep us up to date and show us the effect of the current plans to contract management und our digital supply chain.
