BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//denog15//talk//ZFG3Q9
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-denog15-ZFG3Q9@pretalx.com
DTSTART;TZID=CET:20231121T110000
DTEND;TZID=CET:20231121T113000
DESCRIPTION:Reeling under the blows of the Russian assault on Ukraine and t
 he ever-increasing threats to networks and utilities\, the European regula
 tory regime for critical infrastructures is undergoing profound changes. B
 oth cyber and physical security of essential service providers are covered
  by the recent EU directives NIS 2 and CER\, with several additional initi
 atives targeting specific areas: DORA (the operational resilience act for 
 the financial sector)\, the upcoming Cyber Resilience Act for secure hardw
 are and software\, the EU certification scheme for cloud services and more
 .  All are either subject to being transposed into national legislation or
  effective immediately all over the Union – and they hold consequences f
 or all types of industries\, telecommunication and digital infrastructure 
 being just the most prominent sector to be held responsible to rules and r
 egulations regarding their perimeter and information security. \n\nNetwork
  operators are particularly exposed to the new rulesets – their critical
 ity does not rely solely on their services being considered critical in th
 eir own right: they inherit the requirements from their customers when tho
 se are within the scope of critical infrastructure regulation. The entire 
 sector of digital infrastructure\, plus managed service and security provi
 ders\, is undergoing the most significant change\, with implementing acts 
 to specify technical and methodological requirements from the NIS 2 direct
 ive being prepared.\n\nWhat does all that mean for operators? More money t
 o spend on security\, eventually\, since the budget increase necessary to 
 fulfil the obligations is estimated at anywhere between 15 and 25 percent 
 compared to before NIS 2 and CER. Technical compliance for network operati
 ons not only requires implementing security measures – you need to prove
  it via audits\, certificates\, mandatory reporting. \n\nThis talk is goin
 g to take you on a speed run through the maze of legal and regulatory thic
 kets both in the European Union and especially in Germany. Entertaining as
  it may seem\, there may be dizzying side effects from the drastic changes
  in both direction and speed. Buckle up\, buttercup\, it’s a bumpy one.
DTSTAMP:20260421T224449Z
LOCATION:Auditorium
SUMMARY:The regulation maze – EU and German cyber security laws for criti
 cal service providers - Ulrich Plate
URL:https://pretalx.com/denog15/talk/ZFG3Q9/
END:VEVENT
END:VCALENDAR