Cybersecurity - vdma.eu

The HANSA Forum is approaching. VDMA members receive a 20% discount on the regular ticket price.

Invitation to the expert meeting on medical device development in the area of conflict between the NIS2 Directive and the Cyber Resilience Act on October 22, 2025 in Eckental near Nuremberg.

In 2025, the VDMA and the ZVEI are once again organizing the "Technology Stage powered by VDMA/ZVEI" forum at SPS - with exciting presentations and lively panel discussions.

The draft of the NIS-2 Implementation and Cybersecurity Strengthening Act (NIS2UmsuCG) introduced by the German government will be discussed in the Bundestag tomorrow.

Updated policy briefing on China’s Personal Information Protection Regulation (PIPL)

The VDMA Glass Technology Forum is advancing two important standards that will enhance the safety of hollow glass machinery and strengthen competitiveness across Europe.

September 15 and 16, 2025, Hamburg. Discounted participation for VDMA members.

Did you miss the last Regul8 of the Materials Handling and Intralogistics Association? No problem, you can watch the presentation and talk on the NIS2 Directive again here.

Risk-based OT security: A practical guide to help plant operators and asset owners get started with risk management and threat evaluation

The VDMA regulatory cockpit provides you with a central, practical overview of current and upcoming regulations. It helps you identify relevant information at an early stage, evaluate it strategically, and derive concrete measures.

Industrial security is increasingly important in mechanical engineering as networked systems face growing attacks. The VDMA calls for EU-wide standards and SME support to meet security needs.

A new VDMA study shows: for the first time, social engineering and phishing are the biggest cyber threats to companies, followed by human error and sabotage

Erleben Sie am 08.-09. Mai 2025 in Wien spannende Vorträge und Podiumsdiskussionen zu Digitalisierungslösungen im Maschinen- und Anlagenbau.

VDMA Power Systems is highlighting the topic of cyber security and the Cyber Resilience Act in this session of the event series "With new knowledge into 2025".

SAUTER Germany and VDMA at the ISH 2025

New requirements apply to products with digital components. Manufacturers must now ensure cyber security throughout the entire product life cycle - even for integrated software! An update on responsibilities and deadlines.

On November 28, 2024, VDMA Austria held its annual exchange of experience on Industrial & Product Security in mechanical and plant engineering with 40 participants at the headquarters of the TGW Logistics Group in Marchtrenk.

After the very weak economy in 2024, hopes are pinned on markets picking up in 2025 / Politicians must set business-friendly framework conditions

The Cyber Resilience Act (CRA) was published in the Official Journal of the EU on 20.11.2024. The act is an EU Regulation that has legal effect in the European Union and the European Economic Area (EEA) without national implementation.

In order to prepare SMEs in NRW for the challenges of cyber security and to sustainably improve the IT security landscape, the state of NRW has created a NIS2 contact point that NRW companies can use.

From March 31 to April 4, 2025, the world's leading trade fair for industry will take place under the motto "Shaping the Future with Technology". VDMA Software and Digitalization members will have the opportunity to present themselves there.

In 2024, the VDMA and the ZVEI are once again organizing a forum for the SPS, the "Technology Stage powered by VDMA/ZVEI" with many interesting presentations and panel discussions.

Impact on mechanical and plant engineering in conjunction with electrical automation

The mechanical and plant engineering industry does not have to think about cybersecurity alone. Companies that support the manufacturing industry with services and solutions can exchange ideas and cooperate within this expert’s circle.

Take advantage of our seminar series "Cybersecurity according to IEC 62443", developed in cooperation with ISA Europe and Fraunhofer IOSB, to acquire your personal ISA certificate as an ISA/IEC 62443 Cybersecurity Expert.

Update! The Cyber Resilience Act (CRA) has been published and will enter into force on december 11th. The VDMA has compiled a FAQ document to provide support and non-binding guidance to its members.

The VDMA Industrial Security Working Group publishes the OT Risk Cookbook

The Industrial Security working group makes the complete Supply Chain Security document series freely available

The European Union's Cyber Resilience Act affects many products and components in the mechanical engineering sector. Companies should quickly identify the extent to which they are affected and take measures to ensure compliance and product security.

Meet the digitization experts at the VDMA Software and Digitization stand to exchange experiences.

A text file on the website for better cyber security? Manufacturers can achieve this with security.txt. A simple and essential step towards addressing vulnerabilities.

The new safe lock standard offers enhanced protection against new attack methods.

VDMA Informatik publishes the requirements specification for component manufacturers

VDMA Ost has set up an information technology working group. The kick-off event focused on IT security in day-to-day business. Experts raised awareness and gave tips on prevention and what to do in an emergency.

As of August 1, 2025, new mandatory cybersecurity requirements apply to radio equipment when being placed on the EU internal market.

In pharmaceutical companies, the need for fast, lean processes is increasing. In this context, digitization can help shorten market entry times, while maintaining and even improving product quality. However, players must also arm themselves against threats.

Description

How to turn your team into a human firewall!

These cybersecurity obligations are coming to mechanical engineering companies

The VDMA Supplier Self-Assessment is a standardised questionnaire that companies can use with suppliers regardless of specific procurement purposes. Highly topical with the mapping of regulatory requirements from MVO and CRA.

Our publications deal with various aspects of digitalization in mechanical engineering companies as well as cybersecurity and information security and serve as recommendations for action.

Erleben Sie die Zukunft des Maschinen- und Anlagenbaus! Besuchen Sie den Gemeinschaftsstand in Halle 15 F28 auf der Hannover Messe und entdecken Sie, wie digitale Softwarelösungen die produzierende Industrie revolutionieren!

The new version of the NIS directive will in future oblige manufacturers of "critical products" such as machines or control components to implement cybersecurity in their own operating environment.

The VDMA Supply Chain Security specification gives purchasers a standard-compliant aid to minimum requirements in accordance with IEC 62443, simplifying the process for both sides without sacrificing security.

Since September 1, 2022, new cybersecurity regulations have been in effect in China. VDMA's policy briefing shows the implications for the industry, especially for the transfer of personal data.

The number of hacker attacks in the mechanical and plant engineering sector is on the rise. More and more VDMA member companies are reporting attacks on office and production systems within the company. Already almost 40 percent of the attacks lead to production downtimes. How can medium-sized companies in particular arm themselves against attacks in advance or react correctly in the event of an actual attack?

The recommendations are addressed to machine and plant manufacturers and describe a minimum of technical, organizational and procedural requirements for the implementation of security for products (such as machines, plants, digital systems for predictive maintenance & condition monitoring, ICS controls, ...) and processes.

Updated guide with recommendations for data-centric business processes of European companies in China.

When the German Federal Office for Information Security (BSI) issues a cyber security warning of the highest alert level, industry is alarmed.

On November 1, 2021, the Personal Information Processing and Protection Law (PIP Law) came into force in China. For this purpose, VDMA together with Sinolytics has prepared a policy briefing with the view of the mechanical engineering industry.