IT security regulations

IT compliance and data protection regulations for your company or organization

IT security solutions for compliance with legal requirements

In an increasingly connected world, cyber attacks pose a serious threat to enterprises and public authorities. For this reason, all sectors of the economy, be it the finance and insurance industry, the energy sector or the health sector, are subject to increased legal regulation of IT security and data protection.

Rohde & Schwarz Cybersecurity offers comprehensive solutions to protect your connected infrastructures against cyber threats. Our proactive hardware and software solutions support you in setting up technical measures to comply with legal standards such as

  • the General Data Protection Regulation (GDPR),
  • the Directive on security of network and information systems (NIS directive),
  • the Payment Services Directive (PSD2),
  • the Payment Card Industry Data Security Standard (PCI DSS)
  • In Germany the Online Access Act (OZG).

Which legal requirements apply to providers of digital services, apps & data processing companies?

  • As a provider of digital services such as online marketplaces, search engines and cloud computing services, you are obliged to comply with a certain IT security level. The latter must be in accordance with "the state of the art" technology. On top of that, you need to report incidents as required by § 8c BSI-Act (BSI is the Federal Office for Information Security in Germany).
  • As a provider of so-called tele media services such as operators of websites or apps with online functions, you are obliged to take "IT security measures" in accordance with §13 section 7 Telemediengesetz (TMG).
  • Data processing companies have the obligation to take IT security measures and standards and to report IT security incidents to supervisory authorities. This obligation arises from articles 31 and 32 of the General Data Protection Regulation (GDPR), which applies to every company that processes personal data. This is to establish a "risk-appropriate security level of the personal data processed" in the companies.

Benefits of our solutions for compliance with legal regulations & guidelines

  • Compliance with the applicable legal standards for IT security, information technology and data protection.
  • Setting up the technical requirements and business processes to meet the current legal requirements for cyber security.
  • Advisory materials and webinars on GDPR, the EU Directive on security of network and information systems (NIS directive), the Payment Services Directive (PSD2), the Payment Card Industry Data Security Standard (PCI DSS) or, in Germany, the Online Access Act (OZG)

If you have further questions please contact us.

Our solutions for IT security regulations

Online Access Act (OZG)

Digitalization in administrations & government agencies

More information


Cybersecurity solutions and consulting services for GDPR compliance

More information

NIS directive

Is the NIS directive on your radar?

More information


Cybersecurity solution for PCI DSS compliance.

More information


Are you ready for the era of open banking?

More information


VS-NfD: Rohde & Schwarz Cybersecurity secret protection

More information

Featured content for IT security regulations

OZG Booklet

In this booklet, all the important factors on the subject of the Online Access Act are summorized.

Register now

White paper: The NIS directive decrypted

Decipher the NIS Directive thanks to our white paper produced jointly with Mathieu Poujol, Head of Cyber Security at Technology Group.

Register now

White paper: PCI DSS compliance

This white paper illustrates how R&S® Web Application Firewall can help companies and organizations achieve PCI certification.

Register now


What is IT compliance in IT security?

IT compliance refers to the compliance with legal, organizational and contractual regulations in the area of IT security.

What is the IT Security Act (IT-SiG)?

The "Act to Increase the Security of Information Technology Systems", also: IT Security Act or IT-SiG / ITSiG concerns telecommunication companies, providers of digital services and operators of critical infrastructures.

To which providers of digital services does the IT security level apply – according to the state of the art as defined by the BSI law?
  • Online marketplaces
  • Online search engines
  • Cloud computing services
  • Telemedia service provider
Your monthly cybersecurity update

Your monthly cybersecurity update

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

I want to receive information from Rohde & Schwarz via

Marketing permission

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.