Articles & Guides
Practical guides to implementing NIS2 in healthcare — from the MVZ roadmap to ransomware emergency plans and the operational interpretation of Section 30 BSIG. Written for decision-makers looking for concrete answers — not generic introductory texts.
AWARENESS & VM · 11 MIN
Awareness training and vulnerability management under Section 30 of the BSIG
Section 30 of the BSIG requires cyber hygiene, training, and systematic vulnerability management. What that means in practice — from phishing simulations to a clinically prioritized vulnerability scan.
PHISHING & LAW · 8 MIN
Legally compliant phishing simulation: Works Constitution Act, GDPR, works council
In Germany, phishing simulations rarely fail because of the technology; they fail because of the works council. What should be included in the works agreement, which works council objections are predictable, and how to carry out the first campaign.
MVZ & PRACTICES · 12 MIN
NIS2 for medical care centers and practice networks: obligations, thresholds, roadmap
Since 2026, around 1,000 medical care centers (MVZ) have been subject to NIS2 for the first time. Thresholds, obligations under Section 30 BSIG, managing director liability, reporting requirements — and an 8-week roadmap for outpatient structures.
INCIDENT RESPONSE · 12 MIN
Ransomware in the Clinic: Emergency Plan for 24 Hours, 72 Hours, and 30 Days
A ransomware incident in a hospital is not an IT glitch, but a patient care crisis. The operational roadmap from detection to the final BSI report — with lessons learned from real incidents.
MORE RESOURCES
Guides alone are not enough. Webinars and templates complete the picture.
For visual and interactive learning formats, we offer live webinars with Q&A. For operational implementation, ready-to-use templates are available — reporting templates, checklists, and playbooks for use in German-speaking contexts.