The digital world is evolving rapidly; our buildings are more interconnected today than ever before\u2014and cyberattacks are becoming increasingly sophisticated. This is precisely where the new EU-wide NIS 2 Directive and Austria\u2019s \u201cNISG 2026\u201d come into play. The new regulations, which focus on comprehensively strengthening cybersecurity, are aimed at a wide range of companies and organizations that are of great importance to our society and economy\u2014from energy providers and transportation companies to healthcare facilities and digital service providers. It does not matter whether systems are managed internally or by external partners: they typically fall within the scope of the new security requirements.<\/p>\n\n\n\n
To meet the new requirements, it is advisable to begin in a structured manner by creating an overview of all relevant building and security technology systems and locations. For building operators, this means, in practical terms, implementing active risk management to identify vulnerabilities in network and information systems and address them with appropriate measures. In the event of an emergency, a rapid response to security incidents must be ensured, including clearly defined reporting channels. Responsibility for cybersecurity lies explicitly with management and must be verifiable through policies and regular audits. Partner companies must also meet certain standards, such as those related to remote access or the provision of updates. Regular monitoring through audits and tests is essential to ensure the long-term effectiveness of security measures.<\/p>\n\n\n\n
Even before a project begins, it is important to know exactly which systems will be used and what risks might exist. A detailed assessment, planning, and evaluation of criticality are the first steps here. The security requirements are then incorporated into requests for proposals and contracts. This includes, for example, the ability to update systems (patches), clear rules for access rights, and the use of secure authentication methods such as multi-factor authentication. Ideally, building automation systems should run on a separate, secure network segment, isolated from the regular office IT infrastructure, to minimize the risk in the event of an attack. Before a system goes live, a comprehensive \u201csecurity acceptance\u201d is conducted, during which all security aspects are reviewed and documented.<\/p>\n\n\n\n
Even after installation, ongoing attention is required. This includes regular updates for cameras, servers, and other components. For older systems that can no longer be updated, special protective measures or the replacement of these components is required. Comprehensive monitoring ensures that anomalies or attempted attacks are detected immediately. Regular backups and tested recovery plans ensure that the systems are back up and running quickly even after an incident.<\/p>\n\n\n\n\n\n
Siemens: Your Partner for a Secure Future<\/strong> With their expertise and a comprehensive portfolio, our experts support our customers in meeting the requirements of the NISG 2026 securely and efficiently.<\/p>\n rn t<\/p>\n rn t<\/p>\n rn t<\/p>\n rn t<\/p>\n rn<\/p>\n As a technology partner, Siemens ensures that the building and security systems are not only state-of-the-art and resilient, but also that your requirements for compliance with NISG 2026 and other regulations are met. This allows our customers to focus on their core business while our experts ensure the security of their infrastructure.<\/p>\n <\/div>\n \n<\/div>\n\n\n <\/p>\n\n\n\n <\/p>\n\n
rn t<\/p>\n
\n
\n
\n
\n
\n
\n
\n
\n