CER Directive: German legislator presents a new draft of the local implementation

Written By

natallia karniyevich module
Dr. Natallia Karniyevich

Associate
Germany

I am a seasoned attorney situated at the Bird & Bird Düsseldorf office, with a specialisation in cybersecurity and data protection law, and a co-head of the Bird & Bird International Cybersecurity Steering Group.

The German legislator continues its work on the national implementation of the Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC (“CER Directive”), the so-called “Umbrella Law to Strengthen the Physical Resilience of Operators of Critical Entities” (in German: “KRITIS-Dachgesetz”).

Toward the end of the year, the Federal Ministry of the Interior presented a revised draft for the KRITIS-Dachgesetz aimed at enhancing the protection of critical facilities against physical threats such as natural disasters, accidents, or sabotage. It incorporates feedback from industry and civil society, and is planned to become effective on 18 October 2024, with some exceptions. The main obligations for operators, including risk assessments, resilience measures, and reporting requirements, are set to begin on 17 July 2026 (with respect to the CER developments in other countries, see our CER Directive Implementation Tracker).

The full article was published in the Connected newsletter.

TO SUBSCRIBE TO OUR CONNECTED NEWSLETTER CLICK HERE

For more information, please contact Dr. Natallia Karniyevich.


Latest insights

More Insights
data

Powering AI data centres – challenges and opportunities

May 21 2025

Read More
Curiosity line green background

New AI Content Labelling Rules in China: What are they and how do they compare to the EU AI Act?

9 minutes May 20 2025

Read More
Curiosity line yellow background

UK-India Trade: Opportunities for your business under the new Free Trade Agreement

3 minutes May 19 2025

Read More