PONT Data&Privacy

Digital incidents are no longer an exception, but a structural risk for organizations in both the public and private sectors. Data breaches, ransomware attacks, critical system failures, and disruptions at chain partners can have major consequences for the protection of personal data, the continuity of services, and the trust of citizens, customers, and regulators.

This dossier focuses on incident response and crisis management from the perspective of data, privacy, law, and governance. The central question is how organizations can effectively prepare for digital incidents, how they can make well-considered decisions under high time pressure, and how they can subsequently account for their actions and learn from what went wrong.

Attention is focused on both the legal frameworks—such as the GDPR, data breach reporting obligations, NIS2, and sectoral obligations—and the practice of crisis decision-making. What role do directors, CISOs, data protection officers, and communications departments play during an incident? How do transparency, reputation protection, and security relate to each other? And how do you deal with uncertainty, incomplete information, and public pressure?

This dossier also addresses the increasing chain dependency of organizations. Incidents often do not occur within the organization's own systems, but at suppliers, cloud providers, or other partners. What does this mean for responsibility, reporting obligations, and supervision? And how do you organize cooperation with regulators, CERTs, and other parties involved during a crisis?

Finally, there is a strong focus on the phase after the incident. How do you ensure that evaluations lead to real improvements in policy, technology, and culture? What does this require in terms of governance, supervision, and organizational change? And how do you prevent crisis management from being limited to damage control instead of structural learning?