Germany: Guideline on detection and handling of cyberattacks adopted

On 26 September 2022, the German Federal Institute for Security and Information technology (BSI) released its comprehensive guideline aimed at critical infrastructure providers, critical energy systems and energy supply networks, and auditing firms. After its initial release of a community draft that collected public opinions from relevant stakeholders, this published guideline is the final version. The targeted service providers are obligated to have adequate technical precautions to avoid any disruptions to their critical systems. All components of their IT systems need to remain authentic and confidential. The BSI noted that the guideline should serve as a supporting document that provides insight into how to follow and test the regulatory obligations imposed by the state.