Skip to main content
Security images with locks

Privacy and security regulation

Privacy and security issues are at the core of digital strategies.

Furthermore, their impact on digital business models and organizational development is often a limiting factor for digital strategies. In Europe, data privacy and cyber security are subject to an increasing number of regulations.


The General Data Protection Regulation (GDPR) of the EU took effect in May 2018. This regulation requires a significant transformation of data protection processes and responsibilities, and even of companies’ privacy strategies. Notification of data breaches, impact assessments and data portability rules are just a few examples of newly introduced legal requirements that need to be implemented. The same is true for cybersecurity legislation. The EU directive on network and information security (NIS Directive) has forced the member states to establish or change their information technology (IT) security legislation. These changes affect providers of critical infrastructure services and digital service providers.


Both regulations have had a significant impact on technological development and innovation strategy. DSI research provides strategic approaches to meeting privacy and cybersecurity regulation without blocking business innovation.


Our team works on

  • Privacy and cybersecurity specific risk assessment models
  • Transformation of privacy and cybersecurity strategy to meet new regulatory requirements
  • Methodologies for the management of data protection and security compliance
  • Compatibility of technical requirements of data protection and IT security law
  • Joint models for data protection and cybersecurity governance and technologies
Meet our Experts

Heli Tiirmaa-Klaar

Director, DSI
+49 30 21231–1652

Dr. Henning Lahmann

Senior Researcher, DSI
+49 30 212 31-1658

Isabel Skierka

Researcher and Project Lead, DSI
+49 30 21231–1653