ITSicherheitsgesetz - Infinite Lexicon - Infinite Lexicon

ITSicherheitsgesetz

The IT-Sicherheitsgesetz, or IT Security Act (often abbreviated IT-SIG), is a German federal law aimed at strengthening information technology security in critical infrastructure and in essential digital services. It was enacted in 2015 and later supplemented by a major reform in 2021, commonly referred to as IT-Sicherheitsgesetz 2.0. The act seeks to raise the security standard of IT systems, improve resilience to cyber threats, and enhance the ability of authorities to respond to incidents.

Scope and key obligations. The law applies to operators of critical infrastructures (KRITIS) in sectors designated

Incident reporting and enforcement. The IT-SIG imposes duties to classify, manage, and report significant IT security

Impact and evolution. The IT-Sicherheitsgesetz marked a milestone in Germany’s cyber policy by codifying security obligations

telecommunications,

administration.

product-security

considerations,