Data protection congress 2025: Future of cyber security in focus!

Data protection congress 2025: Future of cyber security in focus!

The DAD 2025 data protection congress, which took place in Potsdam from June 2 to 4, seems to have been a complete success. It was the 27th edition of this renowned meeting that brought together experts from all areas of data protection and cyber security landscape. The committed speakers Stefanie Geuhs (Computas) and Rain Dr. Britta A. Mester (DSN Group). The diversity of topics ranged from data protection to information security to the challenges of artificial intelligence (KI) and the consequences of the new NIS-2 directive, such as data protection notes reported.

The installation of a high-quality cyber security level in the European Union is the focus of the NIS 2 directive, which was adopted on December 14, 2022 and replaces the old NIS 1 directive. However, the implementation of this guideline has been delayed; Originally planned for October 2024, March 2025 is now the new appointment. As noted in [Fraunhofer] (https://www.iese.fraunhofer.de/blog/nis-2- Directive-Mandlung- Deutschland/), the guideline of around 29,000 companies in Germany expects compliance with strict security requirements and extensive reporting obligations.

ikt and Ki in focus

among the lecturers at the congress was also Prof. Dr. Dieter Kugelmann (LFDI Rhineland-Palatinate), who emphasized how important a data protection-compliant interpretation of AI systems is. He made it clear that legislation in the ACI area is slowly keeping pace with the rapid further development of the technology. Maria Christina Rost (LFD Saxony-Anhalt) also spoke about this problem and hammered the urgency of adapting the legal framework.

dealing with the requirements of the NIS 2 directive was another central topic. Prof. Dr. Dennis-Kenji Kipker (cyberintelligence.institute) gave a lecture on the responsibilities and liability that arises from the directive. This is particularly relevant because the NIS 2 of companies demands not only to process security risks preventively, but also to react flexibly with regard to cybercrime and IT security.

meaning of the NIS-2 directive

The legal framework that the NIS-2 directive creates is crucial. The new provisions include extended areas of application, stricter ** security requirements ** and a binding registration period of 24 hours with considerable cyber incident. Violations can be punished with fines of up to 2% of the global annual turnover or 10 million euros, as explained on the BSI website. The NIS 2 defines ten measures to improve cyber security that are urgently concerned for many companies.

The density of synergies between the EU digital strategy and the General Data Protection Regulation (GDPR) were also discussed. Carolin Loy (Baylda) emphasized how important this coordinated approach is to meet the requirements of today. In addition, experts spoke about the challenges of anonymizing genetic data and the often neglected communications with those affected.

The congress not only offered space for specialist knowledge, but also for the exchange of ideas and approaches. The participants were able to make valuable contacts and exchange ideas about the best practices. The supporting program also promoted this exchange of knowledge in a pleasant atmosphere. If you are looking for networking in data protection and cyber security, you should already make a note for DUD 2026, which will take place from June 15th to 17th - registrations are already possible!