{"id":5261,"date":"2024-07-18T10:09:14","date_gmt":"2024-07-18T10:09:14","guid":{"rendered":"https:\/\/locaterisk.com\/?p=5261"},"modified":"2026-01-16T12:42:44","modified_gmt":"2026-01-16T12:42:44","slug":"cybersicherheit-in-der-digitalen-lieferkette","status":"publish","type":"post","link":"https:\/\/locaterisk.com\/en\/cybersicherheit-in-der-digitalen-lieferkette\/","title":{"rendered":"Cybersecurity in the digital supply chain"},"content":{"rendered":"<div class=\"wp-block-lr-blog-article-header-module\">\r\n    <div class=\"content\">\r\n\t\t<div class=\"headline\">\r\n\t\t\t<button class=\"to-blog-button\">Back to Blog                <a href=\"https:\/\/locaterisk.com\/en\/blog\/\"><\/a>\r\n\t\t\t<\/button>\r\n\t\t\t\t\t<\/div>\r\n        <div class=\"main-content\">\r\n\t\t\t\t\t\t<!--\r\n            <div class=\"header\">\r\n                <h6> <\/h6>\r\n            <\/div>\r\n\t\t\t\t\t\t-->\r\n            <h1 class=\"title\">Cybersecurity in the supply chain: regulations for companies in the EU and Germany<\/h1>\r\n            <p class=\"paragraph\"><br>The legal regulations on cyber security in the digital supply chain set high requirements for the protection of data and information systems. 
This article provides you with an overview of the current status with regard to GDPR, NIS2, DORA and CRA.<br><\/p>\r\n        <\/div>\r\n    <\/div>\r\n<\/div>\r\n\r\n\r\n\n\n\n<p><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"482\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA.png\" alt=\"Bild zum Thema Cybersicherheit in der Lieferkette: Vorschriften f\u00fcr Unternehmen in der EU\" class=\"wp-image-5296\" style=\"object-fit:cover\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA.png 800w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-300x181.png 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-768x463.png 768w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-18x12.png 18w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption class=\"wp-element-caption\">The new rights for cybersecurity in the EU: Consistent implementation is essential to protect the integrity and security of the digital infrastructure and to maintain the trust of users and consumers.<\/figcaption><\/figure><\/div>\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading has-text-align-center\">Legislation with an impact on the supply chain<\/h2>\n\n\n\n<p>GDPR, NIS2, DORA etc. require companies to implement and continuously monitor comprehensive security measures. The regulations aim to strengthen digital resilience, ensure data protection and minimize risks in the supply chain. 
<\/p>\n\n\n\n<p><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"533\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR_DSGVO-800-px.jpg\" alt=\"Image on the GDPR (General Data Protection Regulation)\" class=\"wp-image-5294\" style=\"width:358px;height:auto\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR_DSGVO-800-px.jpg 800w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR_DSGVO-800-px-300x200.jpg 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR_DSGVO-800-px-768x512.jpg 768w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR_DSGVO-800-px-18x12.jpg 18w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">GDPR (DSGVO) - General Data Protection Regulation<\/h3>\n\n\n\n<p><strong>Legal regulation<\/strong><br>The GDPR is a regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. It is binding in all its parts and applies directly in all member states.<\/p>\n\n\n\n<p><strong>Objective<\/strong><br>Protecting the personal data of EU citizens from improper use and processing.<\/p>\n\n\n\n<p><strong>Facilities affected:<\/strong><br>Companies based in the EU: if they process personal data, regardless of where the actual data processing takes place. <br>Organizations based outside the EU: e.g. if they offer products or services to individuals in the EU or monitor their behavior.<\/p>\n\n\n\n<p><strong>Requirements<\/strong><br>The regulation obliges data processing companies to take appropriate technical and organizational measures to ensure data security. This also includes the management of third parties in the supply chain. 
With regard to Article 28 GDPR, it makes sense to check commissioned processors in the supply chain for the proper protection of personal data and compliance with data protection laws, not least in order to be able to provide proof in the event of an incident. Good to know: clients who can prove that they have satisfied themselves that a processor works in compliance with the GDPR can often avoid liability in the event of a breach by the processor.<\/p>\n\n\n\n<p><strong>Validity:<\/strong>&nbsp;Since May 25, 2018<\/p>\n\n\n\n<p><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\" id=\"Mehr-zu-NIS2\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"533\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/NIS2-800px.jpg\" alt=\"Graphic on the NIS 2 Directive (The Network and Information Security (NIS) Directive)\" class=\"wp-image-5291\" style=\"width:346px;height:auto\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/NIS2-800px.jpg 800w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/NIS2-800px-300x200.jpg 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/NIS2-800px-768x512.jpg 768w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/NIS2-800px-18x12.jpg 18w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\" id=\"nis2-richtlinie\"><strong>NIS 2 - EU Directive on the security of network and information systems<\/strong>&nbsp;<\/h3>\n\n\n\n<p><strong>Legal regulation<\/strong><br>NIS 2 is a directive on cyber security in the EU. 
The member states must transpose the measures required to comply with the directive into national law within a certain period of time.<\/p>\n\n\n\n<p><strong>Objective<\/strong><br>NIS 2 aims to harmonize and improve the level of security in the EU Member States.<br><\/p>\n\n\n\n<p><strong>Facilities affected<\/strong><br>Public and private organizations that provide their services in the EU. A distinction is made between two categories, which give rise to different obligations.<br><br><strong>1) Particularly important facilities - \u00a728 (1)<\/strong><br>Large companies in the following sectors: energy, transportation, finance, healthcare, water\/wastewater, digital infrastructure, space and special cases regardless of their size.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Large companies (250 employees or more or an annual turnover of over EUR 50 million and a balance sheet of over EUR 43 million)<br><\/li>\n\n\n\n<li>Special cases (regardless of company size): <br>qTSP (qualified trust service provider)<br>TLD (top-level domain) provider<br>DNS provider<br>TC providers (telecommunications providers - including medium-sized companies)<br>Operators of critical systems<br>Central government (ministries and the Federal Chancellery)<\/li>\n<\/ul>\n\n\n\n<p><strong>2) Important facilities - \u00a728 (2)<\/strong><br>Large and medium-sized companies in numerous sectors.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Medium-sized companies (from 50 employees or an annual turnover and balance sheet of more than EUR 10 million) in the sectors:<br>Energy, transportation\/transport, finance, health, water\/wastewater, digital infrastructure, space<br><\/li>\n\n\n\n<li>Large companies and medium-sized companies in the sectors:<br> Post\/courier, municipal waste disposal, chemicals, food, manufacturing, digital services, research<br><\/li>\n\n\n\n<li>Regardless of company size: trust services<\/li>\n<\/ul>\n\n\n\n<p><strong>Requirements<\/strong><br>Facilities that fall 
under the requirements of the NIS 2 Directive are obliged, among other things, to take measures to secure their supply chain. Conversely, this also means protecting themselves against threats that could come from other parts of the supply chain. Affected companies are required to take a close look at their business partner and supplier relationships and review them with regard to IT security requirements.<\/p>\n\n\n\n<p><strong>Validity:<\/strong>&nbsp;<br>In force since January 16, 2023 and now to be transposed into national law by the member states. <br>In Germany, the law is available as the <a href=\"https:\/\/www.bmi.bund.de\/SharedDocs\/gesetzgebungsverfahren\/DE\/Downloads\/referentenentwuerfe\/CI1\/NIS-2-RefE-24062024.pdf\">draft bill NIS2UmsuCG (June 2024)<\/a> and must pass through legislation at federal level by October 2024. The information in this article is as of July 2024 and is subject to change. It is expected that the requirement will be applied in Germany in spring 2025.<\/p>\n\n\n\n<p><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\" id=\"Mehr-zu-DORA\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/06\/DORA-Digital-Operational-Resilience-Act-1024x683.png\" alt=\"\" class=\"wp-image-5239\" style=\"width:342px;height:auto\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/06\/DORA-Digital-Operational-Resilience-Act-1024x683.png 1024w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/06\/DORA-Digital-Operational-Resilience-Act-300x200.png 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/06\/DORA-Digital-Operational-Resilience-Act-768x512.png 768w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/06\/DORA-Digital-Operational-Resilience-Act-18x12.png 18w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/06\/DORA-Digital-Operational-Resilience-Act.png 1200w\" sizes=\"auto, (max-width: 1024px) 
100vw, 1024px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\"><strong>DORA<\/strong> - <strong>Digital Operational Resilience Act<\/strong> <\/h3>\n\n\n\n<p><strong>Legal regulation<\/strong><br>DORA is a regulation on digital operational resilience in the financial sector. It is binding in all its parts and applies directly in all member states. <\/p>\n\n\n\n<p><strong>Objective<\/strong><br>DORA creates a uniform framework for comprehensive cybersecurity and ICT risk management in the EU financial sector. The aim of the regulation is to improve the digital resilience and security of financial institutions operating in the EU. This includes strengthening the information and communication technology (ICT) of financial companies as well as third-party risk management.<\/p>\n\n\n\n<p><strong>Facilities affected<\/strong><br>DORA applies to all financial institutions operating in the EU, including banks, payment service providers, investment firms, insurance companies, trading venues and providers of data transmission services. The regulation also covers companies that provide services to the financial industry, such as software providers, managed IT services, hardware-as-a-service providers, cloud computing service providers and data centers.<\/p>\n\n\n\n<p><strong>Requirements<\/strong><br>With regard to the management of ICT third-party risk, financial institutions are required, among other things, to carry out a risk analysis and due diligence with the respective ICT third-party service provider before concluding the contract. During the course of the business relationship, IT and GDPR compliance and the effectiveness of the security measures must be continuously tested. 
The management of ICT third-party risk is regulated in <a href=\"https:\/\/www.bafin.de\/DE\/Aufsicht\/DORA\/Ueberwachungsrahmen_IKT_Drittdienstleister\/Ueberwachungsrahmen_IKT_Drittdienstleister_node.html;jsessionid=180F6ACFB50E992AF0205E003F32B7D4.internet982\">chapter 5 of DORA<\/a>.<\/p>\n\n\n\n<p><strong>Validity:<\/strong>&nbsp;&nbsp;<br>DORA has been in force since January 2023 with an implementation period of two years. This means that the requirements must be met from January 2025.<\/p>\n\n\n\n<p>More on the topic <a href=\"https:\/\/locaterisk.com\/en\/dora-digital-operational-resilience-act\/\">DORA Digital Operational Resilience Act<\/a><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"533\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/CRA-Kopie.jpg\" alt=\"\" class=\"wp-image-5289\" style=\"width:360px;height:auto\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/CRA-Kopie.jpg 800w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/CRA-Kopie-300x200.jpg 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/CRA-Kopie-768x512.jpg 768w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/CRA-Kopie-18x12.jpg 18w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">CRA - <strong><strong>EU Cyber Resilience Act<\/strong><\/strong> <\/h3>\n\n\n\n<p><strong>Legal regulation<\/strong><br>The Cyber Resilience Act (CRA) is a draft regulation. It will apply automatically and uniformly in all EU countries when it comes into force.<br><strong>Objective: <\/strong><br>The Cyber Resilience Act is a new EU regulation that obliges manufacturers and retailers to protect digital products from unauthorized access and manipulation throughout their entire life cycle. 
The primary aim is to strengthen cyber security in the EU by creating a standardized legal framework for these products.<\/p>\n\n\n\n<p><strong>Facilities affected<\/strong><br>All manufacturers, importers and distributors of hardware and software products (devices, solutions and components) from the consumer or industrial sector active in the EU.<br><\/p>\n\n\n\n<p><strong>Requirements:<\/strong>&nbsp;<br>Under the new regulations, manufacturers and distributors must carry out regular risk assessments and keep detailed records of the safety features and functions of their products and services. It is expected that around 90 percent of products available on the European market will fall into the standard category.<\/p>\n\n\n\n<p><strong>Validity:<\/strong>&nbsp;&nbsp;<br>The regulation has not yet entered into force; the final decision by the EU Parliament is expected by June 2024, followed by a transitional period of up to two years.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><\/h3>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"510\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/VRM1.png\" alt=\"\" class=\"wp-image-5316\" style=\"width:470px;height:auto\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/VRM1.png 800w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/VRM1-300x191.png 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/VRM1-768x490.png 768w, https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/VRM1-18x12.png 18w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Business partner risk management - made simple<\/h3>\n\n\n\n<p>LocateRisk uses automated IT risk analyses and digital questionnaires to help you fulfill your due diligence obligations in the supply chain. 
This ensures the necessary transparency and speeds up your security process. <\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Review of the current IT risk of suppliers and service providers in the shortest possible time<\/li>\n\n\n\n<li>Monitoring at selectable intervals: annually, quarterly, monthly<\/li>\n\n\n\n<li>Notifications in the event of supplier risk changes<\/li>\n\n\n\n<li>Role-based access control and individual user accounts<\/li>\n\n\n\n<li>Functions for obtaining scanning permission speed up communication<\/li>\n\n\n\n<li>Dashboard, filters and sorting functions for easy management<\/li>\n\n\n\n<li>Digital questionnaires for upload: multilingual, automated notifications and much more.<\/li>\n<\/ul>\n\n\n\n<p>More on the Topic <a href=\"https:\/\/locaterisk.com\/en\/lieferanten-risikomanagement-leicht-gemacht\/\">Supplier risk management for complex supply chains - made easy<\/a><\/p>\n\n\n\n<div class=\"wp-block-lr-contact-post-module\">\n\t<div id=\"lr-contact-form\" class=\"wp-block-lr-contact-post-module\">\n\t\t<div id=\"formular\" class=\"content\">\n\t\t\t<div class=\"inner-content\">\n\t\t\t\t<div class=\"column-2 feature-mode\">\n\t\t\t\t\t<h2><br>Request your personal Live-Demo now<\/h2>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div>\n\t\t\t\t\t\t\t\t<p class=\"margin-b-36\">Identify and reduce your cyber risks through a comparable and understandable overview of your IT security. Let our experts advise you and find out how LocateRisk can help you solve your cyber risks.<\/p>\n\t\t\t\t\t\t\t<\/div>\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<\/div> \n\t\t\t\t<div class=\"column-2\">\n\t\t\t\t\t<form action=\"\" class=\"form\" method=\"post\" role=\"form\" novalidate data-trp-original-action=\"\">\n\t\t\t\t\t\t<input type=\"text\" id=\"successmessage\" name=\"successmessage\" value=\"Ihre Registrierung war erfolgreich Ihre Anfrage wurde erfolgreich versendet. 
Wir haben Ihnen soeben eine Best\u00e4tigungsmail mit einem Aktivierungs-Link zugesendet, um einem Missbrauch Ihrer E-Mail Adresse durch Dritte vorzubeugen. Die Mail wird von sales@locaterisk.com versendet und sollte sich i n wenigen Minuten in Ihrem Posteingang finden.\" hidden>\n\t\t\t\t\t\t<input type=\"text\" id=\"errormessage\" name=\"errormessage\" value=\"Da ist wohl etwas schief gelaufen. Bitte probieren Sie es erneut oder nehmen Sie direkt mit uns Kontakt auf\" hidden>\n\t\t\t\t\t\t<input type=\"text\" id=\"slug\" name=\"slug\" value=\"cybersicherheit-in-der-digitalen-lieferkette\" hidden>\n\n\t\t\t\t\t\t\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\t\tid=\"name\"\n\t\t\t\t\t\t\t\tname=\"name\"\n\t\t\t\t\t\t\t\tplaceholder=\"first name\"\n\t\t\t\t\t\t\t\trequired\tmaxlength=\"50\"\/>\n\n\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\t\tid=\"surname\"\n\t\t\t\t\t\t\t\tname=\"surname\"\n\t\t\t\t\t\t\t\tplaceholder=\"last name\"\n\t\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<input\n\t\t\t\t\t\t\ttype=\"email\"\n\t\t\t\t\t\t\tid=\"email\"\n\t\t\t\t\t\t\tname=\"email\"\n\t\t\t\t\t\t\tplaceholder=\"Email\"\n\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\n\t\t\t\t\t\t<input\n\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\tid=\"phone\"\n\t\t\t\t\t\t\tname=\"phone\"\n\t\t\t\t\t\t\tplaceholder=\"phone\"\n\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t<h6 class=\"error-message\" hidden>...<\/h6>\n\t\t\t\t\t\t<div class=\"checkbox_container\">\n\t\t\t\t\t\t\t<div class=\"checkbox\">\n\t\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\t\ttype=\"checkbox\"\n\t\t\t\t\t\t\t\t\tid=\"checkbox\"\n\t\t\t\t\t\t\t\t\tname=\"checkbox\" \/>\n\n\t\t\t\t\t\t\t\t<label for=\"checkbox\"><\/label>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<p class=\"translation-block\">I agree with the <a href=\"https:\/\/locaterisk.com\/en\/datenschutz\/\" 
target=\"_self\">privacy policy<\/a>.<\/p> \n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\n\t\t\t\t\t<div class=\"g-recaptcha\" data-sitekey=\"6LdErNoZAAAAAD1Re2jNxtDFfcDaL9iED5MRBzjR\" data-callback=\"verifyRecaptchaCallback\" data-expired-callback=\"expiredRecaptchaCallback\"><\/div>\n\t\t\t\t\t<input type=\"hidden\" name=\"g-recaptcha-response\" data-recaptcha \/>\n\n\t\t\t\t\t\t<button class=\"lr-button-link\" type=\"submit\"> Request a Demo<\/button>\n\t\t\t\t\t<input type=\"hidden\" name=\"trp-form-language\" value=\"en\"\/><\/form>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\t<\/div>\n\t\n\t<\/div>\n\n\n\n<hr class=\"wp-block-separator has-css-opacity is-style-wide\"\/>\n\n\n\n<div class=\"wp-block-lr-contact-module\"><div class=\"content\"><h2>Want to find out more, book a demo or simply exchange ideas? We look forward to hearing from you!<\/h2><div class=\"contact-info-row\"><div class=\"contact-person-info\"><div class=\"avatar\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2025\/06\/Lukas_Baumann_LocateRisk-300.png\"><\/div><p><span class=\"text before\">Your personal consultant<\/span><span class=\"bold name\"><strong>Lukas<\/strong><\/span> <span class=\"lastname\"><strong>Baumann<strong><\/strong><\/strong><\/span><strong><strong><span class=\"separator\"><\/span><span class=\"role\">CEO<\/span><\/strong><\/strong><\/p><\/div><p class=\"bold phone\"><strong><strong>+49 6151 6290246<\/strong><\/strong><\/p><strong><strong><a class=\"pr-1\" href=\"mailto: sales@locaterisk.com\">Get in Touch Now<\/a><\/strong><\/strong><\/div><\/div><\/div>\n\n\n\n<p><\/p>\n\n\n\n<div class=\"wp-block-lr-footer-module lr-footer-block\"><div class=\"content\"><div class=\"column0\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/assets\/img\/lr-logo.svg\"\/><\/div><div class=\"categories\"><div class=\"categories-element\"><a class=\"pr-4\" 
href=\"https:\/\/locaterisk.com\/en\/\">Home<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/en\/blog\/\">Blog<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/en\/about\/\">About Us<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/en\/kontakt\/\">Contact<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/en\/impressum\/\">Legal Notice<\/a><\/div><div class=\"categories-break\"><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/en\/datenschutz\/\">Privacy<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/files\/gtc.pdf\">General Terms and Conditions<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/en\/jobs\/\">Jobs<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/files\/sec-information.pdf\">Security<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"https:\/\/app.secfix.com\/trust\/locaterisk\/d1e7d433b33643aea1880bfbfeab9f60\">Trust Center<\/a><\/div><\/div><div class=\"social\"><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/locaterisk\/\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/10\/gruppe-230@3x.png\"\/><\/a><\/div><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/www.instagram.com\/locaterisk\/\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Instagram.png\"\/><\/a><\/div><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/twitter.com\/locaterisk\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/twitter.png\"\/><\/a><\/div><\/div><div class=\"description\"><h6>\u00a9 LocateRisk 2026<\/h6><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>This article provides you with an overview of the current status regarding GDPR, NIS2, DORA and 
CRA.<\/p>","protected":false},"author":8,"featured_media":5306,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[66,61,60,36,45,37],"class_list":["post-5261","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blogpost","tag-cra-cyber-resilience-act-2","tag-digital-operational-resilience-act","tag-dora","tag-eu-richtlinie","tag-lieferkette","tag-nis2"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cybersicherheit in der digitalen Lieferkette - LocateRisk<\/title>\n<meta name=\"description\" content=\"Die wichtigsten Cybersecurity-Vorschriften f\u00fcr Unternehmen in der EU und Deutschland und wie Automatisierung bei der Erf\u00fcllung unterst\u00fctzt.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/locaterisk.com\/en\/cybersicherheit-in-der-digitalen-lieferkette\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersicherheit in der digitalen Lieferkette - LocateRisk\" \/>\n<meta property=\"og:description\" content=\"Die wichtigsten Cybersecurity-Vorschriften f\u00fcr Unternehmen in der EU und Deutschland und wie Automatisierung bei der Erf\u00fcllung unterst\u00fctzt.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/locaterisk.com\/en\/cybersicherheit-in-der-digitalen-lieferkette\/\" \/>\n<meta property=\"og:site_name\" content=\"LocateRisk\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-18T10:09:14+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-16T12:42:44+00:00\" \/>\n<meta property=\"og:image\" 
content=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-632px.png\" \/>\n\t<meta property=\"og:image:width\" content=\"632\" \/>\n\t<meta property=\"og:image:height\" content=\"632\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Kristina Breuer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kristina Breuer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"24 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/\"},\"author\":{\"name\":\"Kristina Breuer\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/person\\\/21e5a12d84c0f342634386c0ab61710d\"},\"headline\":\"Cybersicherheit in der digitalen Lieferkette\",\"datePublished\":\"2024-07-18T10:09:14+00:00\",\"dateModified\":\"2026-01-16T12:42:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/\"},\"wordCount\":1298,\"publisher\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/GDPR-DORA-NIS2-CRA-632px.png\",\"keywords\":[\"CRA \u2013 Cyber Resilience Act\",\"Digital Operational Resilience Act\",\"DORA\",\"EU-Richtlinie\",\"Lieferkette\",\"NIS2\"],\"articleSection\":[\"Blog 
post\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/\",\"name\":\"Cybersicherheit in der digitalen Lieferkette - LocateRisk\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/GDPR-DORA-NIS2-CRA-632px.png\",\"datePublished\":\"2024-07-18T10:09:14+00:00\",\"dateModified\":\"2026-01-16T12:42:44+00:00\",\"description\":\"Die wichtigsten Cybersecurity-Vorschriften f\u00fcr Unternehmen in der EU und Deutschland und wie Automatisierung bei der Erf\u00fcllung unterst\u00fctzt.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/#primaryimage\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/GDPR-DORA-NIS2-CRA-632px.png\",\"contentUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/GDPR-DORA-NIS2-CRA-632px.png\",\"width\":632,\"height\":632,\"caption\":\"Grafik zum Thema GDPR, DORA, NIS2, 
CRA\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/cybersicherheit-in-der-digitalen-lieferkette\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/locaterisk.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersicherheit in der digitalen Lieferkette\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#website\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/\",\"name\":\"LocateRisk\",\"description\":\"IT-Sicherheit messen und vergleichen\",\"publisher\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\",\"name\":\"LocateRisk\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Kettenglieder_V0216-9.jpg\",\"contentUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Kettenglieder_V0216-9.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"LocateRisk\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/locaterisk\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/person\\\/21e5a12d84c0f342634386c0ab61710d\",\"name\":\"Kristina 
Breuer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a648236f7b10a01aa9df8b4eb163c9868927150ca83c0f6462b6151fbbe1fe5?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a648236f7b10a01aa9df8b4eb163c9868927150ca83c0f6462b6151fbbe1fe5?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7a648236f7b10a01aa9df8b4eb163c9868927150ca83c0f6462b6151fbbe1fe5?s=96&d=mm&r=g\",\"caption\":\"Kristina Breuer\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybersecurity in the digital supply chain - LocateRisk","description":"The most important cybersecurity regulations for companies in the EU and Germany and how automation supports compliance.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/locaterisk.com\/en\/cybersicherheit-in-der-digitalen-lieferkette\/","og_locale":"en_US","og_type":"article","og_title":"Cybersicherheit in der digitalen Lieferkette - LocateRisk","og_description":"Die wichtigsten Cybersecurity-Vorschriften f\u00fcr Unternehmen in der EU und Deutschland und wie Automatisierung bei der Erf\u00fcllung unterst\u00fctzt.","og_url":"https:\/\/locaterisk.com\/en\/cybersicherheit-in-der-digitalen-lieferkette\/","og_site_name":"LocateRisk","article_published_time":"2024-07-18T10:09:14+00:00","article_modified_time":"2026-01-16T12:42:44+00:00","og_image":[{"width":632,"height":632,"url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-632px.png","type":"image\/png"}],"author":"Kristina Breuer","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kristina Breuer","Est. 
reading time":"24 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/#article","isPartOf":{"@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/"},"author":{"name":"Kristina Breuer","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/person\/21e5a12d84c0f342634386c0ab61710d"},"headline":"Cybersicherheit in der digitalen Lieferkette","datePublished":"2024-07-18T10:09:14+00:00","dateModified":"2026-01-16T12:42:44+00:00","mainEntityOfPage":{"@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/"},"wordCount":1298,"publisher":{"@id":"https:\/\/locaterisk.com\/de\/#organization"},"image":{"@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/#primaryimage"},"thumbnailUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-632px.png","keywords":["CRA \u2013 Cyber Resilience Act","Digital Operational Resilience Act","DORA","EU-Richtlinie","Lieferkette","NIS2"],"articleSection":["Blog post"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/","url":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/","name":"Cybersecurity in the digital supply chain - LocateRisk","isPartOf":{"@id":"https:\/\/locaterisk.com\/de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/#primaryimage"},"image":{"@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/#primaryimage"},"thumbnailUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-632px.png","datePublished":"2024-07-18T10:09:14+00:00","dateModified":"2026-01-16T12:42:44+00:00","description":"The most important cybersecurity regulations for companies in the EU and Germany and how automation supports 
compliance.","breadcrumb":{"@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/#primaryimage","url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-632px.png","contentUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2024\/07\/GDPR-DORA-NIS2-CRA-632px.png","width":632,"height":632,"caption":"Grafik zum Thema GDPR, DORA, NIS2, CRA"},{"@type":"BreadcrumbList","@id":"https:\/\/locaterisk.com\/cybersicherheit-in-der-digitalen-lieferkette\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/locaterisk.com\/"},{"@type":"ListItem","position":2,"name":"Cybersicherheit in der digitalen Lieferkette"}]},{"@type":"WebSite","@id":"https:\/\/locaterisk.com\/de\/#website","url":"https:\/\/locaterisk.com\/de\/","name":"LocateRisk","description":"Measure and compare IT 
security","publisher":{"@id":"https:\/\/locaterisk.com\/de\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/locaterisk.com\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/locaterisk.com\/de\/#organization","name":"LocateRisk","url":"https:\/\/locaterisk.com\/de\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/logo\/image\/","url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Kettenglieder_V0216-9.jpg","contentUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Kettenglieder_V0216-9.jpg","width":1920,"height":1080,"caption":"LocateRisk"},"image":{"@id":"https:\/\/locaterisk.com\/de\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/locaterisk\/"]},{"@type":"Person","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/person\/21e5a12d84c0f342634386c0ab61710d","name":"Kristina Breuer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/7a648236f7b10a01aa9df8b4eb163c9868927150ca83c0f6462b6151fbbe1fe5?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7a648236f7b10a01aa9df8b4eb163c9868927150ca83c0f6462b6151fbbe1fe5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7a648236f7b10a01aa9df8b4eb163c9868927150ca83c0f6462b6151fbbe1fe5?s=96&d=mm&r=g","caption":"Kristina 
Breuer"}}]}},"_links":{"self":[{"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/posts\/5261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/comments?post=5261"}],"version-history":[{"count":108,"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/posts\/5261\/revisions"}],"predecessor-version":[{"id":7460,"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/posts\/5261\/revisions\/7460"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/media\/5306"}],"wp:attachment":[{"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/media?parent=5261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/categories?post=5261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/locaterisk.com\/en\/wp-json\/wp\/v2\/tags?post=5261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}