IKT Asset
AINIS2CybersecurityIT Asset Management

NIS2 is here: Are you ready for the new cybersecurity requirements?

The NIS2 Directive introduces new cybersecurity requirements. Managing directors will be personally liable for compliance.

NIS2 is here

The NIS2 Directive was introduced by the European Union in 2023 to enhance the protection of critical infrastructures against cyberattacks. Following its passage by the German Bundestag on November 13, 2025, it is expected to come into force at the beginning of 2026.

What is the NIS2 Directive?

The NIS2 Directive (Network and Information Security Directive) is the revised version of the current EU-wide NIS1 Directive. According to the Federal Ministry of the Interior and Community, there are almost 30,000 companies in Germany that need to prepare for NIS2 compliance.

Personal Liability for Managing Directors

One of the key changes introduced by the NIS2 Directive is personal liability for managing directors, board members, and executive bodies. In the worst-case scenario, fines of up to 2% of annual turnover may be imposed.

The First Step Toward NIS2 Compliance

The first step toward compliance with the NIS2 Directive is to determine the status of all IT assets. This involves identifying all hardware and software in use.

Conclusion

The NIS2 Directive presents new challenges for companies that need to be addressed. Careful preparation and effective asset management are crucial for compliance and protection against cyber threats.