Translations:HITGuard Release April 2025/7/en

With this version we offer a new standard for import:

• NIS-2-Richtlinie: Richtlinie (EU) 2022/2555 des Europäischen Parlaments und des Rates

vom 14. Dezember 2022 über Maßnahmen für ein hohes gemeinsames Cybersicherheitsniveau in der Union Standards can be imported under Administration > Standards & norms.

These norms were already available for import; maybe you are already actively using them. You do not need to make any changes here; the update happens automatically for you.

• EN IEC 62443-2-1:2019 Draft becomes EN IEC 62443-2-1:2024
• NIS Anforderungskatalog becomes KRITIS Maßnahmenkatalog (renaming) and contains the addition of the new chapter 13

Note: Should you have already imported a previous version, then this standard is automatically updated to the newer version

As of right now, the ISO 27001:2022 as well as the ISO 27002:2022 are available entirely in German. Contents and structure are not affected by this change. Should you still want to employ an entirely English version, please contact us under support@togethersecure.at.

The mappings of the standard 27001:2022 were expanded to the new standards (NIS-2 Richtlinie) and their new chapters (KRITIS Maßnahmenkatalog chapter 13), respectively.

The VDA VDA (Verband der Automobilindustrie e.V.) has changed their procedure in that the VDA ISA catalog will be developed in the primary language English first from now on. Therefore, HITGuard continues to offer the standard in English by default. Should you want an entirely German version, please contact us under support@togethersecure.at.

In Administration > Standards and norms | Linked elements you can view all elements that are linked with individual standard chapters: that is documents from the doc management, risks/opportunities, measures, and controls. A new checkbox allows you to also view all elements that are linked with related chapters (subsequent mappings).

Example: The screenshot shows that a risk and a measure are linked directly to the NIS-2-Richtlinie. As the directive maps onto some chapters of the ISO 27001:2022, further elements show up when mapped norm chapters are included.

Documents found under Administration > Standards and norms | Linked elements (only possible with a licensed Doc management) can now be opened for viewing in a new tab by clicking on them. Or you use the link button, which takes you to where the document is embedded in the folders structure of the Doc management.

In My tasks you find the dashboards with the individual blocks of tasks, e.g., measures or controls. Tasks to be performed are not only shown in bold there now, but also listed first, so you never lose sight of them.

The entire tool now offers the possibility of heightening the contrast to better recognize e.g., tables, menu items, or buttons and badges.

To make profile settings easier for you, we have repositioned the various buttons and options on the profile page and added detailed explanations.

To further improve security when using username and password, the minimum password length has been changed from ten to twelve characters.

Another new safety feature is that Experts in HITGuard can configure that 2-factor-authentication must be used when logging in with username and password. Users who use username and password can then not access HITGuard until they have configured a second factor.

The same option is available for the supplier portal, for which 2FA can also be enforced.

Caution: The option for the enforcing of 2-factor-authentication is automatically set with the update but can be deactivated by an Administrator or Expert upon their first login.