Further expansion of competence in the field of IT security law consulting at Piltz Legal
As part of our consulting strategy, we at Piltz Legal are continuously expanding our expertise in the area of IT security law. When advising our clients, it is important for us not only to provide specialist legal know-how, but also to be able to speak the language of IT.
We are therefore pleased that Dr. Carlo Piltz has successfully completed the certificate course for Business Continuity Manager (BCM) according to ISO 22301, ISO 27031 and BSI IT-Grundschutz at Bitkom Akademie. Previously, Johannes Zwerschke had already successfully acquired certification as an IT Security Officer (ITSiBe) / Chief Information Security Officer (CISO) in accordance with ISO/IEC 27001/27002 and BSI IT-Grundschutz.
The expertise he has acquired enables us to provide effective support, particularly in time-critical situations that are sensitive for clients, such as attacks on IT systems and operational disruptions.
News
Territorial scope of NIS-2 – When does the German BSIG apply to managed service providers (MSPs) from third countries?
In a previous article (only available in German), we addressed the question of who qualifies as a managed service provider (MSP) or managed security service provider (MSSP) under the amended German Act on the Federal Office for Information Security and on information security in entities (BSI Act – BSIG) (Note: There is currently no official English translation of the current version of the BSIG. However, there is at least a machine translation by the EU.). If a company within a group of companies is centrally responsible for the operation of the group's IT, it can be classified as an MSP and thus as an important or particularly important entity within the meaning of Sec. 28 para. 1 no. 4 and/or Sec. 28 para. 2 no. 3 BSIG – provided that it falls within the scope of the BSIG.
NIS-2: Obligation to designate a representative for entities in third countries
Within the scope of the NIS-2 Directive (NIS-2-RL), situations may arise in which providers of certain NIS-2-relevant services, such as managed service providers, are based solely in a third country but offer services within the EU. According to Art. 2 (1) NIS-2 Directive, the territorial scope of application applies as soon as a company provides a service or carries out activities in the EU. Art. 26 NIS-2 Directive specifies this scope of application to the effect that, in principle, the Member State in which the entity is located and thus its respective implementing law is applicable. We have already written an article on this subject.
New awards for our partners
We are very pleased that Prof. Dr. Burghard Piltz and Dr. Carlo Piltz have received further awards from the Handelsblatt and have been included in the 16th edition of The Best Lawyers in Germany™.