News & Insights
We are your first port of call for the latest news, analysis and background information on data protection, data strategy and IT security. We keep you informed with editorially prepared news and interesting facts. Subscribe directly to our newsletter and never miss a thing again.
20.05.2026
Vulnerability management: AI forces companies to rethink
The German Federal Office for Information Security (BSI) is warning that AI-supported systems could soon be able to identify security vulnerabilities at scale. For companies, this is no longer a future scenario. It is a reason to fundamentally rethink vulnerability management now. And the CRA clock is already ticking.
Read more … Vulnerability management: AI forces companies to rethink
12.05.2026
The external CISO in the financial sector: between DORA, cyber risks and ICT risk management
Financial institutions are under particular pressure: cyber risks are increasing, DORA is tightening requirements, and the management body remains responsible. An external CISO can help establish information security in a strategic, pragmatic and audit-ready way.
07.05.2026
NIS2 risk management: not all risks are equally important
Cyber risks are on the rise, compliance pressures are mounting – and NIS2 makes risk management a mandatory requirement. Those who merely piece together individual measures are not thinking long-term. What is crucial is a manageable process that identifies risks, clarifies responsibilities and embeds security into day-to-day operations.
Read more … NIS2 risk management: not all risks are equally important
24.04.2026
Data capabilities: the foundation for AI, compliance and real business value
Many companies invest in data, tools and AI and then wonder why the breakthrough never comes. The reason often lies deeper: they lack structured data capabilities. What exactly does this mean, why are data capabilities decisive for scalability, compliance and monetisation and how do maturity levels make the difference?
Read more … Data capabilities: the foundation for AI, compliance and real business value
17.04.2026
Data strategy: the underrated success factor for scalable AI projects
Many companies invest in AI tools, yet still fail due to unreliable models, lack of acceptance, or regulatory hurdles. The real key lies in having a robust data strategy. This article explains why a robust data strategy is crucial for the success of AI projects and how to build one effectively.
Read more … Data strategy: the underrated success factor for scalable AI projects
08.04.2026
The Cyber Resilience Act: The first reporting obligations will apply from September 2026
Many companies are not planning to comply with the Cyber Resilience Act until 2027. However, one key obligation will come into force earlier: from 11 September 2026, manufacturers will be required to report actively exploited vulnerabilities and serious security incidents within short timeframes. Those who have not put processes in place for this will quickly find themselves under pressure.
Read more … The Cyber Resilience Act: The first reporting obligations will apply from September 2026
02.04.2026
EDPB study on the right to erasure: why article 17 GDPR often becomes a practical challenge
In a Europe-wide audit, the EDPB investigated how organisations implement the right to erasure in practice. The findings revealed that many of the issues stem from processes, deadlines, backups and unclear responsibilities rather than the wording of the law itself.
20.10.2025
IT forensics: Searching for digital evidence in security incidents
IT forensics plays a crucial role in investigating IT security incidents and securing digital evidence. Find out what IT forensics involves, when it is used and how it can protect your business.
Read more … IT forensics: Searching for digital evidence in security incidents
17.10.2025
Data protection impact assessment (DPIA) for AI tools: How companies can use AI in a legally compliant manner
As AI tools such as Microsoft Copilot, ChatGPT and DeepSeek become more prevalent, companies are facing growing regulatory pressure. Data protection impact assessments (DPIAs) are becoming mandatory. But what does that mean in practice? What do companies need to be aware of?
01.10.2025
Creating the right deletion concept: requirements, implementation, risks
The GDPR clearly stipulates that personal data may not be stored indefinitely. Implementing a structured deletion concept helps to ensure compliance with legal requirements, minimise risks and maintain an overview. Find out how to structure an effective concept, what deadlines apply, and what is important in practice.
Read more … Creating the right deletion concept: requirements, implementation, risks