A deep dive into NIS 2 Regulation

A workshop in Frankfurt brought together automobile manufacturers and suppliers to discuss an important regulatory topic in cybersecurity right now: the national implementation of EU’s NIS 2 Directive. Invited by VDA and ENX Association, experts exchanged about what NIS 2 means in practice.

After a presentation about the legal requirements and interpretation by Rudigel Sarpong of Suvon Legal, Dr. Arndt von Twickel and Christian Ramminger of German Federal Office of Information Security (BSI) provided valuable information about registration, implementation and reporting and were on hand to provide participants with detailed answers to all their questions.

The presentations led to a deep discussion and exchange on how the new regulatory requirements affect companies across different sectors as well as an exchange on practical experiences and challenges in implementing NIS‑2 according to the German law.

Lennart Oly and Immo Wehrenberg stated on how established approaches such as the VDA-ISA and TISAX support compliance. Beyond the automotive ecosystem, TISAX offers a practical and flexible framework that helps organizations of different sizes and business models to structure their cybersecurity efforts in line with NIS 2 by defining one harmonized risk appetite throughout the industry.

Attendees described the workshop as extremely valuable. The exchange shows how an intrinsically motivated industry contributes to building #cybernationgermany.