Cybersecurity Law Cleared Important Hurdle
There is time pressure with the cybersecurity law, as Austria is already facing infringement proceedings because the implementation of the EU directive (NIS-2) to improve IT security was delayed. This directive should have been implemented by October 2024, but a draft law by the turquoise-green government could not be passed due to the lack of the required two-thirds majority. FPÖ, SPÖ, and NEOS had refused their approval.
Federal Office for Cybersecurity Planned in Cybersecurity Law
The law aims to create uniform and binding regulations to ensure high security standards. The establishment of a Federal Office for Cybersecurity is planned as a central contact point for all cybersecurity matters within the Ministry of the Interior. One or more national computer emergency teams are to support the affected institutions in the event of a cyberattack.
The amendment is aimed at authorities, but also at companies and institutions that are part of the critical infrastructure, such as energy suppliers and the food trade. They are imposed with comprehensive requirements for security measures. In the event of violations, fines of up to 10 million euros or 2 percent of the worldwide annual turnover are foreseen, for important institutions up to 7 million euros or 1.4 percent.
The new law is largely based on the 2024 legislative proposal but includes adaptations in reporting obligations, transition periods, and the institutional design of the cybersecurity authority. This is also the reason SPÖ and NEOS now give their approval. This achieves the balance between security and data protection, said SPÖ security spokesman Maximilian Köllner to media representatives after the committee. There have been extensive changes to the draft of the previous government, also thanks to the involvement of relevant stakeholders, emphasized NEOS security spokesman Douglas Hoyos in a statement. A key point of the changes is that the NIS authority is no longer the interior minister but a separate authority led by a director. Instructions from the interior minister to the director must be published in an instruction report. "This ensures the necessary transparency and independence," said Hoyos.
Greens Criticize Late Implementation of Cybersecurity Law
It is a disgrace that the law is only now being passed, criticized the Greens' net policy spokesman, Süleyman Zorba, pointing to the dangers from cyberspace, not least from Russia. With the new law, a higher level of security will be ensured, emphasized ÖVP security spokesman Ernst Gödl. A much wider circle of affected companies than in the previous NIS law must now ensure that their systems are prepared for cyberattacks.
Clear rejection came from the FPÖ, warning of a "cost tsunami and total control by the state." Around 4,000 domestic companies would be burdened with absurd new obligations, criticized security spokesman Gernot Darmann. The Freedom Party and data protection advocates see an insoluble conflict of interest in the location of the cybersecurity authority within the Ministry of the Interior, which relies precisely on security gaps for messenger surveillance.
(APA/Red)
This article has been automatically translated, read the original article here.
Du hast einen Hinweis für uns? Oder einen Insider-Tipp, was bei dir in der Gegend gerade passiert? Dann melde dich bei uns, damit wir darüber berichten können.
Wir gehen allen Hinweisen nach, die wir erhalten. Und damit wir schon einen Vorgeschmack und einen guten Überblick bekommen, freuen wir uns über Fotos, Videos oder Texte. Einfach das Formular unten ausfüllen und schon landet dein Tipp bei uns in der Redaktion.
Alternativ kannst du uns direkt über WhatsApp kontaktieren: Zum WhatsApp Chat
Herzlichen Dank für deine Zusendung.
