German companies allocate most of their ICT budgets to business functions such as production, procurement, and operations in order to centralize business operations. Most German companies allocate their ICT budgets to “operation or maintenance operations” [1].

German market practice regarding information security depends largely on the security relevance of individual companies; in particular, whether the industry is considered critical infrastructure-related and whether the company handles sensitive personal data. However, European lawmakers are currently preparing a regulatory proposal for the Finance-related Digital Operational Resilience Act (“DORA”), which aims to strengthen the IT security of financial firms such as banks, insurance companies, and securities firms [2] ].

1. ICT Investment Trends in Germany – Data security is a priority among German enterprises.https://www.researchandmarkets.com/reports/4668163/ict-investment-trends-in-germany-data-securityAccessed 2023-03-07
2. Cybersecurity Laws and Regulations Germany 2023.https://iclg.com/practice-areas/cybersecurity-laws-and-regulations/germany Accessed 2023-03-07