<p>The implementation of the NIS2 Directive requires an integrated understanding of information and cyber security that combines strategic governance, rule-based compliance, technical measures, and targeted competence development. Governance, compliance, IT, and training are complementary dimensions of an organizational security level. While the directive sets a&#xa0;binding horizon at the EU level, its translation into federal structures collides with heterogeneous administrative cultures, political objectives, and notions of competence. Based on a&#xa0;comparative case study, the paper demonstrates how NIS2 serves as a&#xa0;normative framework to critically reflect on implementation, awareness, and structures in a&#xa0;German state administration. The analysis highlights cooperation potentials, responsibilities, and divergent interpretations. The aim is to explore the potential and limits of security organization in public administrations and to provide impulses for a&#xa0;more cooperative approach to security responsibilities. The study shows that complex coordination requirements and resource scarcity can hinder implementation, while also providing starting points for interventions through cooperative governance.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Einheitliche Vorgaben, heterogene Praxis: Potenziale der NIS2-Umsetzung in einer öffentlichen Verwaltung

  • Rebecca Finster,
  • Linda Grogorick,
  • Susanne Robra-Bissantz

摘要

The implementation of the NIS2 Directive requires an integrated understanding of information and cyber security that combines strategic governance, rule-based compliance, technical measures, and targeted competence development. Governance, compliance, IT, and training are complementary dimensions of an organizational security level. While the directive sets a binding horizon at the EU level, its translation into federal structures collides with heterogeneous administrative cultures, political objectives, and notions of competence. Based on a comparative case study, the paper demonstrates how NIS2 serves as a normative framework to critically reflect on implementation, awareness, and structures in a German state administration. The analysis highlights cooperation potentials, responsibilities, and divergent interpretations. The aim is to explore the potential and limits of security organization in public administrations and to provide impulses for a more cooperative approach to security responsibilities. The study shows that complex coordination requirements and resource scarcity can hinder implementation, while also providing starting points for interventions through cooperative governance.