News & Insights
We are your first port of call for the latest news, analysis and background information on data protection, data strategy and IT security. We keep you informed with editorially prepared news and interesting facts. Subscribe directly to our newsletter and never miss a thing again.
01.10.2025
Creating the right deletion concept: requirements, implementation, risks
The GDPR clearly stipulates that personal data may not be stored indefinitely. Implementing a structured deletion concept helps to ensure compliance with legal requirements, minimise risks and maintain an overview. Find out how to structure an effective concept, what deadlines apply, and what is important in practice.
Read more … Creating the right deletion concept: requirements, implementation, risks
23.09.2025
Accountability under the GDPR: Six measures for compliance
A key aspect of the General Data Protection Regulation (GDPR) is the accountability requirement set out in Article 5(2). In this article, we address the most important questions. While this provision establishes the basis for transparent and responsible conduct by data processors, it also poses significant challenges for organisations.
Read more … Accountability under the GDPR: Six measures for compliance
10.09.2025
Cybersecurity for industrial systems: Strategically preparing for the Cyber Resilience Act
The requirements for operators and manufacturers of networked industrial systems are constantly increasing. The Cyber Resilience Act (CRA) is the first time that the European Union has established a binding legal framework for the cybersecurity of digital products. Meanwhile, ISO/IEC 62443 remains the internationally recognised standard for securing industrial automation and control systems (IACS). Our consulting services help companies effectively integrate these requirements.
25.08.2025
Five steps to systematic AI governance: Using AI in a legally compliant manner
The regulation of artificial intelligence is gaining momentum, which has immediate implications for companies. Those who wish to use AI safely and legally in the future will require more than technical expertise; they will also need to adopt a systematic governance approach.
Read more … Five steps to systematic AI governance: Using AI in a legally compliant manner
19.08.2025
Business Continuity Management: How your company can safely survive cyber attacks
Companies are being hit by cyber attacks more frequently, more deliberately and with more serious consequences than ever before. Business continuity management (BCM) helps organisations remain operational in an emergency and quickly restore critical business processes. This article will teach you how to develop an effective BCM plan, step by step and in a practical, implementable way.
Read more … Business Continuity Management: How your company can safely survive cyber attacks
13.08.2025
Anonymisation and pseudonymisation: effectively implementing data protection and sensible data use
Finding the right balance between protecting data and creating value from it is a major challenge for modern organisations. Those processing personal data must protect it while ensuring it remains usable. Anonymisation and pseudonymisation are two proven methods of resolving this conflict. This article provides a practical, legally compliant overview, covering everything from definitions and technical procedures to application examples and regulatory requirements.
29.07.2025
NIS2 implementation is coming: German government aims for entry into force by early 2026
The process of implementing the EU NIS2 Directive into German law is gathering pace. A concrete plan for its implementation is finally on the table. However, many companies still seem to underestimate its significance. Read on to find out what needs to be done now.
Read more … NIS2 implementation is coming: German government aims for entry into force by early 2026
25.07.2025
The role of the external data protection officer (DPO): obligations, tasks and costs
Most companies are required by law to appoint a data protection officer. But what exactly does a DPO do, and what skills should they possess? When is it sensible to appoint an external DPO, and when is an internal solution sufficient? We have compiled all the information you need about external DPOs to help you decide.
Read more … The role of the external data protection officer (DPO): obligations, tasks and costs
15.07.2025
Ransomware: How to react correctly in seven steps
A ransomware attack can render companies unable to operate and encrypt valuable data. But there's no need to panic! The consequences can be minimised with a quick, structured response. Our guide explains what to do in an emergency and which immediate measures need to be taken. It also clarifies why ransom payments are not a solution.
Read more … Ransomware: How to react correctly in seven steps
20.06.2025
Data protection management system (DPMS): your key to GDPR compliance
To fulfil the requirements of the General Data Protection Regulation (GDPR), the implementation of a Data Protection Management System (DMS) is recommended. This system enables data protection requirements to be regulated, planned, implemented and monitored. This significantly simplifies compliance for companies and their employees. Read on to find out how to set up a GDPR-compliant DMS, who should be responsible for it within your organisation, and which software could help.
Read more … Data protection management system (DPMS): your key to GDPR compliance