German hospitals, water utilities, telecommunications and other essential providers will face fines of up to 100,000 euros if they failed to meet minimum information security standards under legislation finalized on Friday.
The law passed its final hurdle in the upper house of the German parliament, the Bundesrat, comprising delegates from Germany's 16 Länder or regional states.
It obligates essential institutions to immediately notify severe cyber attacks on their systems or networks to the Federal Office of Information Security (BSI), based in Bonn.
These entities or firms are also required to obtain BSI clearance that their operations comply with minimum security standards.
Extra funding and personnel are to be provided to the BSI as well as Germany's investigative police service, the Office of Criminal Investigation (BKA), and the Cologne-based domestic intelligence agency, the Verfassungsschutz.
The BSI currently has about 600 employees.
In May, members of Germany's lower chamber of parliament, the Bundestag, were jolted by disclosures that their own Berlin network and terminals had been targeted in a severe cyber attack.
Residency law also amended
The upper Bundesrat chamber on Friday also endorsed changes to Germany's residency law, granting permission to remain to up to 30,000 foreigners whose presence in Germany had been tolerated for years under rules suspending deportation.
Eligible singles present for eight years must be able to speak German, have self-supporting incomes, and be free of criminal records.
On the flip-side, tougher rules on expulsion will apply to those judged to be not entitled to asylum protection.
In the Bundesrat, members of the Greens and Left parties, which are in opposition in the Bundestag parliament, criticized the increased usage of detention before deportation stipulated in the amended legislation.
Thursday was the Bundesrat's final session before its summer break; as is typical, the lawmakers had a string of proposals to clear prior to their depature.
ipj/msh (KNA, epd, dpa)