Blog
Editors
Stefan Rühl

Stefan Rühl

Information Security Lead

In his role as Head of InfoSec and as an ISO27001 Lead Auditor, Stefan supports our clients with the implementation and optimization of ISMS systems. His specialized area includes establishing BCM environments, emergency and crisis management teams, and developing and testing emergency processes for both SMEs and large corporate structures. Additionally, he advises managing directors and board members on decision-making related to cyber resilience and the optimization of IT organizations.

Connect on LinkedIn

Published posts

NIS2 Reporting Obligations for Companies: Deadlines and Practical Implementation
05.05.2026
NIS2 Reporting Obligations for Companies: Deadlines and Practical Implementation
The NIS2 Implementation Act has been in force since December 6, 2025. From now on, compliance officers must report significant security incidents within 24 hours. This guide shows you what other deadlines apply and how to safely meet them in an emergency.
Digital Sovereignty: The Foundation for NIS2 and GDPR Compliance for SMEs
10.02.2026
Digital Sovereignty: The Foundation for NIS2 and GDPR Compliance for SMEs
NIS2 requires supply chain security, GDPR demands transparent data processing, and DORA targets ICT security in the financial sector. Those who don't fully control their IT systems and data will struggle to meet these regulations. Digital sovereignty is therefore no longer a nice-to-have, but a prerequisite for demonstrable compliance.
NIS2 CEO Liability: What You Need to Know Now
17.12.2025
NIS2 CEO Liability: What You Need to Know Now
Even today, executives are obliged to ensure IT security. However, with the new NIS2 directive, it becomes clear: responsibility unequivocally lies with management. Anyone who ignores obligations, fails to monitor measures, or foregoes training may be held personally liable. The NIS2 implementation act has been in force in Germany since December 6, 2025 – without a transition period. Learn everything about NIS2 liability in this article and why IT security is a top management priority.
ISO 27001 IT Risk Analysis: Foundation for a Robust ISMS and Effective Cyber Defense
16.09.2025
ISO 27001 IT Risk Analysis: Foundation for a Robust ISMS and Effective Cyber Defense
With an ISO risk assessment, IT and InfoSec managers lay the groundwork for an effective ISMS that protects their company from cyberattacks and data loss and helps meet GDPR and NIS2 requirements. In this practical guide, you will learn everything about ISO risk analysis and the role Annex A and the SoA play.