The rush is on. With just over a third of eligible companies having met the March 2026 registration deadline under Germany’s NIS-2 implementation act, specialised training providers are seeing explosive demand for their courses. The Bundesamt für Sicherheit in der Informationstechnik (BSI) set a cutoff that only 38.5 percent of roughly 29,000 affected firms across 18 sectors managed to hit. That leaves a gaping hole — and a lucrative market for compliance education.
Financial exposure for laggards is severe. Penalties can reach ten million euros or two percent of global annual turnover, whichever is higher. Board members and managing directors also face personal liability. On top of that, companies must report significant security incidents within 24 hours. A seminar on precisely these notification duties is scheduled for June 10, hosted by experts from G DATA CyberDefense AG.
Course offerings are proliferating. Heise/iX runs BSI-certified “IT-Grundschutz-Praktiker” workshops — for example from July 14 to 16 or September 15 to 18 — aimed at information security officers. A one-day “Incident Management & Fehlerkultur” session on June 9 in Hamburg costs 995 euros per participant and promises IT managers techniques to slash downtime dramatically.
Parallel to the cybersecurity scramble, artificial intelligence is reshaping workplace rules and triggering a parallel wave of training. Personnel departments and operational processes are integrating AI, creating friction between innovation and employee protections. On June 12, the Deutsche Anwaltverlag holds a webinar on AI-driven performance management, zeroing in on discrimination risks in automated staff appraisals and works council co-determination rights. Beck-Seminare counters with a June 22 course on the tension between AI and data protection.
For HR and legal teams, practical application of the General Data Protection Regulation (GDPR) to new technologies is central. The FFD Forum Datenschutz runs a seminar this Thursday covering customer data protection, with emphasis on the e-Privacy Regulation and deletion obligations. Industry reports point to mounting attention on Google Gemini and AI agents as transparency duties under Articles 12 et seq. GDPR tighten.
As workplaces navigate new compliance demands, one area that often gets overlooked is the foundational duty to document and manage physical risks. A free toolkit with 41 ready-to-use templates helps you map out hazards, from fire safety to lone working, keeping your records audit-ready. Download the free Risk Assessment Toolkit
Public administration and the judiciary are catching up too. The NSI HSVN launched a training series on June 3 for municipal authorities in Hannover, Braunschweig and Oldenburg, focusing on e-government, IT security and digital transformation. Lawyers meeting their mandatory continuing education under §15 FAO can pick from several June dates: a June 10 session on the EU Pay Transparency Directive and international data transfers; June 11 on the EU Packaging Regulation (PPWR) and its impact on medical technology; June 18 covering construction law and leadership management in legal departments; and June 23 on IT law fundamentals and bogus self-employment.
Regional bodies are also stepping up. The VHS Lübeck hosted a talk on digital legacy on June 4. The IHK Magdeburg offers a session on June 11 about IT requirements analysis and cost optimisation, tailored to small and medium businesses seeking to streamline their digital infrastructure.
