Tag

Critical infrastructure

January 7th, 2026

Power outage in Berlin reveals deficits in critical protection and crisis preparedness

The Berlin power outage highlights deficits in the protection of critical infrastructure and in state crisis preparedness. Experts are urgently calling for amended regulations to protect sensitive infrastructure data and reduce the vulnerability of the power grid.

By Lisa-Martina Klein, Michael Bröcker and Katharina Horban

News | Critical infrastructure

December 1st, 2025

KRITIS umbrella act: Critics warn against neglecting supply chains

The KRITIS Umbrella Act has met with criticism due to the lack of drone defense and too many transparency obligations. Experts warn that freely available data could create points of attack on critical infrastructures.

By Lisa-Martina Klein

News | Critical infrastructure

November 5th, 2025

KRITIS Umbrella Act: Coalition government criticizes lack of coordination with NIS-2 implementation law

The Bundestag will debate the KRITIS Umbrella Act for the first time on Thursday. There is criticism from the CDU/CSU and the Greens: both are calling for more coordination with the NIS2 and the CER implementation laws.

By Lisa-Martina Klein

Goran Buldioski (Hertie School) und Helena Quis (Bertelsmann Stiftung).

Opinion | Total defense

October 30th, 2025

One year after Niinistö: the EU must not squander its preparedness momentum

Drones, sabotage and espionage are on the rise, but the EU is in danger of learning the wrong lessons. Instead of social resilience, Brussels is focusing on military "readiness". As a result, what Niinistö once called for is being lost: security as a joint task.

By Helena Quis and Goran Buldioski

Feature | Hikvision

October 22nd, 2025

Hikvision at the main railway station: Chinese surveillance technology gains a foothold in Hamburg

The Hamburg police are supporting the Fraunhofer Institute in the development of surveillance AI. It is using cameras from the Chinese manufacturer Hikvision for this purpose. The company has been criticized for its role in surveillance practices in China.

By Christian Domke Seidel

Feature | NIS-2

September 29th, 2025

Critical infrastructure protection: Why energy operators reject the NIS-2 regulation for critical components

Under NIS-2, the Ministry of the Interior could prohibit operators of critical infrastructure from installing certain components, for example from China – even retroactively. The energy industry is sounding the alarm and the Bundestag sees a need for improvement.

By Wilhelmine Stenglin

News | NIS-2

September 19th, 2025

NIS-2: Federal Court of Auditors sharply criticizes exception by federal administration

The Federal Audit Office has issued a harsh verdict on the federal government's NIS-2 bill.

By Wilhelmine Stenglin

News | Critical infrastructure

September 12th, 2025

Critical infrastructure protection: Why government agencies are exempt from requirements

This week, the cabinet presented a draft for the KRITIS Umbrella Act and parliament debated the NIS-2 Implementation Act. There is criticism of both drafts.

By Wilhelmine Stenglin

Talk of the town | German Armed Forces

September 10th, 2025

Danger from drones: Why the Bundeswehr should take over police duties

In the future, the Bundeswehr is to be able to establish the identities of suspicious persons outside of military areas – and thus take on police duties. The so-called Article Act provides for new powers for the troops.

By Viktor Funk

Critical infrastructure (CRITIS) are essential systems and facilities that ensure the functioning of modern societies. Protecting them is a top priority, as their impairment or destruction can have serious consequences for the economy, public safety and everyday life. Increasing digitalization, geopolitical uncertainties and climate change make it necessary to continuously adapt protective measures. Read all the news on critical infrastructure from the Table.Briefings editorial team here. What is critical infrastructure in the EU? In the European Union (EU), Directive 2008/114/EC defines critical infrastructure as "those facilities, systems or parts thereof which are necessary for the maintenance of essential societal functions". This definition includes sectors such as energy, water, transportation, finance and communications. The Critical Infrastructure Resilience Directive (CER Directive), which comes into force in 2024, obliges member states to develop national strategies to increase the resilience of critical infrastructure. In addition, the NIS-2 Directive emphasizes cybersecurity as an essential component of CRITIS protection. Another important element of the EU-wide protection strategy is the European Cybersecurity Strategy, which provides for measures to strengthen the digital infrastructure. This includes the introduction of minimum standards for critical IT systems, the promotion of international cooperation and the development of crisis response mechanisms in the event of a large-scale cyberattack. What is critical infrastructure in Germany? The identification and regulation of critical infrastructure in Germany is subject to the Act on the Federal Office for Information Security (BSI Act). The Federal Office for Information Security (BSI) maintains the so-called " BSI Critical Infrastructure List", which is updated regularly. The sectors include: The IT Security Act 2.0 was introduced in 2021 to oblige operators of critical infrastructure to make their systems more resilient to attacks and outages. It provides for higher cybersecurity requirements and incident reporting obligations. The KRITIS Regulation also defines which companies are considered operators of critical infrastructures and which security measures they must implement. Regular risk analyses and security checks play a central role here. Why is the protection of critical infrastructures important? Critical infrastructures are central elements of a functioning society. Their failure can have far-reaching consequences that affect the economy, public safety and social order. In recent years in particular, threats from cyber attacks, natural disasters and geopolitical tensions have increased. Examples of KRITIS-relevant incidents are: Hybrid threats, which involve a combination of physical and digital attacks, are also becoming an increasing problem. For example, coordinated attacks on power grids in combination with cyber attacks on communication systems are conceivable, which could lead to chaos and instability on a large scale. Protective measures and challenges To increase the resilience of critical infrastructures, authorities and companies rely on several protection strategies: Another important concept is emergency planning. Critical infrastructure operators are required to create comprehensive contingency plans that define measures in the event of a large-scale outage. This includes cooperation with the authorities in order to be able to react quickly and in a coordinated manner in the event of an emergency. Protecting critical infrastructures is a constant challenge that is becoming ever more complex with increasing digitalization and global risks. Companies and authorities must invest more in cyber security, physical protection measures and resilient structures. Close cooperation between EU states, national authorities and private operators remains essential in order to identify threats at an early stage and successfully manage crisis situations. New legislation and advanced technologies can help to increase the security of critical infrastructure and improve resilience to future threats.