Security concept according to §166 TKG (old §109 TKG)
We have been creating security concepts and supporting our customers during internal and external audits by the Bundesnetzagentur (BNetzA) since 2001. We are also happy to support you in setting up or updating your security concepts and implementing other BNetzA recommendations. With our experience and structured approach, we keep the overall effort to a minimum and minimise internal and external costs.
Tasks
We take care
Telecommunications providers are obliged to submit a security concept to the BNetzA immediately after commencing network operation. They must ensure that their networks and services are protected against unauthorised access and attacks. If necessary, security incidents must be responded to quickly and effectively in order to minimise potential damage to customers.
Together, we create an overall concept that is based on the specifications of the BNetzA and in conjunction with the recommendations of the BSI and leaves little room for misinterpretation in accordance with the legal requirements [based on § 166 TKG (old § 109 TKG)]. The security concept can also be used as the first step towards IT-Grundschutz or ISO/IEC 27001 certification.
Benefits
At a glance
Legally compliant
Thanks to our extensive experience and structured approach, we ensure that companies are legally compliant to standards, avoid fines and minimise and prevent potential attacks.
Reduced overall effort
Our tested basic concept, which can also be easily docked onto the existing infrastructure, saves you time, internal effort and the search for suitable specialised personnel.
Always up to date
Our close links to the relevant associations and our involvement in standardisation committees enable us to respond to changes in legislation or standards at an early stage.
Futureproof
The annual update service adapts the concept to all new legal requirements and thus provides additional security.
Information
Background and details
According to the Telecommunications Act (TKG §165, No. 1), telecommunications providers are obliged to provide comprehensive protection for network subscribers and to implement the "state of the art". In addition, TKG §166 defines that the Bundesnetzagentur publishes a catalogue of security requirements that must be implemented. The current catalogue, dated 29.04.2020 (version 2.0), still refers to the old legislation (TKG before 01.12.2021). This is currently creating a lack of clarity in the regulations, which will hopefully be closed by a new publication this year (2022).
The current catalogue calls for the establishment of "sustainable safety management". For the development of "sustainable safety management", it is advisable to take a systematic approach based on existing standards:
Our experience has shown that due to the complexity and the requirement to implement the "state of the art", this simplifies the procedure and the overall effort.
The Telecommunications Act stipulates (TKG §166, No. 2) that the security concept must be submitted to the Bundesnetzagentur immediately after the start of network operation.
Whether a security concept must be submitted immediately after the start of operations depends on the company's actual activities. It must first be categorised whether a public telecommunications network (required under Section 5 TKG) is operated or only a telecommunications service (required under TMG) is provided. If you come to the conclusion that you are only providing a telecommunications service, you can still be obliged by the Bundesnetzagentur to submit a security concept. The distinction here is not entirely trivial. We will be happy to help you with the categorisation.
Regardless of the obligation to submit a security concept, a security concept must always be drawn up. (see TKG § 166 No. 1)
Team
Reliable contacts
From the initial consultation to the finalised security concept, we are at your side and ensure that you are optimally positioned in accordance with the legal requirements at a low effort.
Mathias Handsche
Managing Director
Contact us
We are here to help you
Contact us by post, in person or by e-mail!