News & Insights
We are your first port of call for the latest news, analysis and background information on data protection, data strategy and IT security. We keep you informed with editorially prepared news and interesting facts. Subscribe directly to our newsletter and never miss a thing again.
13.08.2025
Anonymisation and pseudonymisation: effectively implementing data protection and sensible data use
Finding the right balance between protecting data and creating value from it is a major challenge for modern organisations. Those processing personal data must protect it while ensuring it remains usable. Anonymisation and pseudonymisation are two proven methods of resolving this conflict. This article provides a practical, legally compliant overview, covering everything from definitions and technical procedures to application examples and regulatory requirements.
29.07.2025
NIS2 implementation is coming: German government aims for entry into force by early 2026
The process of implementing the EU NIS2 Directive into German law is gathering pace. A concrete plan for its implementation is finally on the table. However, many companies still seem to underestimate its significance. Read on to find out what needs to be done now.
Read more … NIS2 implementation is coming: German government aims for entry into force by early 2026
25.07.2025
The role of the external data protection officer (DPO): obligations, tasks and costs
Most companies are required by law to appoint a data protection officer. But what exactly does a DPO do, and what skills should they possess? When is it sensible to appoint an external DPO, and when is an internal solution sufficient? We have compiled all the information you need about external DPOs to help you decide.
Read more … The role of the external data protection officer (DPO): obligations, tasks and costs
15.07.2025
Ransomware: How to react correctly in seven steps
A ransomware attack can render companies unable to operate and encrypt valuable data. But there's no need to panic! The consequences can be minimised with a quick, structured response. Our guide explains what to do in an emergency and which immediate measures need to be taken. It also clarifies why ransom payments are not a solution.
Read more … Ransomware: How to react correctly in seven steps
20.06.2025
Data protection management system (DPMS): your key to GDPR compliance
To fulfil the requirements of the General Data Protection Regulation (GDPR), the implementation of a Data Protection Management System (DMS) is recommended. This system enables data protection requirements to be regulated, planned, implemented and monitored. This significantly simplifies compliance for companies and their employees. Read on to find out how to set up a GDPR-compliant DMS, who should be responsible for it within your organisation, and which software could help.
Read more … Data protection management system (DPMS): your key to GDPR compliance
13.06.2025
External information security officer (ISO): tasks, benefits & services
- An external Information Security Officer (ISO) can help control threats and optimise security strategies.
- They provide impartial expertise and carry out various tasks to ensure compliance with information security measures.
- In our article, we explain the advantages of appointing an external ISO.
Read more … External information security officer (ISO): tasks, benefits & services
06.06.2025
IT risk management: identifying, assessing and managing risks
Data loss, cyberattacks and system failures can have a significant impact on business operations and destroy trust. As a business owner responsible for IT infrastructure, you know that securing your IT systems is crucial. This article will guide you through all the key questions about IT risk management and explain its role in IT security.
Read more … IT risk management: identifying, assessing and managing risks
14.05.2025
The Cyber Resilience Act: Deadline, application and measures
The Cyber Resilience Act will bring about significant changes across the EU, particularly affecting companies in the mechanical and plant engineering sector. From 2027 onwards, products containing communication-enabled digital elements will need to meet strict security standards to receive the CE mark. The law requires measures to minimise cybersecurity risks throughout the entire product life cycle, from design to regular updates after the product has been placed on the market. This article provides an overview of all the key changes to help your company implement them successfully.
Read more … The Cyber Resilience Act: Deadline, application and measures
29.04.2025
New regulations for your ISMS: your IT security needs to meet these regulatory requirements
In recent years, a number of new IT security regulations have created significant challenges for organisations. These laws require organisations to take comprehensive measures to secure their IT infrastructure and data. In light of these growing requirements, it is a good idea to implement an Information Security Management System (ISMS). An ISMS not only helps to meet legal requirements, but also helps to improve the overall security posture of an organisation.
23.04.2025
The 4 steps to conducting a proper Data Protection Impact Assessment (DPIA)
The Data Protection Impact Assessment (DPIA) is a key tool of the GDPR, designed to identify and minimise risks to the rights and freedoms of data subjects at an early stage. Particularly in an increasingly data-driven world, it presents companies with the challenge of designing complex processes in a legally compliant and transparent manner. In this article, we highlight the key aspects of a DPIA and the process in 4 steps.
Read more … The 4 steps to conducting a proper Data Protection Impact Assessment (DPIA)