NIS2 is here: Are you ready for the new cybersecurity requirements?
The NIS2 Directive introduces new cybersecurity requirements that are crucial for companies in Germany.
NIS2 is here – are you ready?
The NIS2 Directive, introduced by the European Union, aims to strengthen the protection of critical infrastructures against cyberattacks. It was passed by the German Bundestag on November 13, 2025, and is expected to come into force at the beginning of 2026.
What is the NIS2 Directive?
The NIS2 Directive (Network and Information Security Directive) is the revised version of the current NIS1 Directive. According to the Federal Ministry of the Interior and Community, there are almost 30,000 companies in Germany that need to prepare for NIS2 compliance.
Liability of Managing Directors
One of the key changes is the personal liability for managing directors, board members, and other executives. In the worst-case scenario, penalties of up to 2% of annual turnover may be imposed for non-compliance.
The Path to NIS2 Compliance
The first step toward NIS2 compliance is to determine the status of all your IT assets. This involves identifying all hardware and software in use. Effective asset management is therefore essential to meet the requirements of the NIS2 Directive.
Conclusion
Companies should start preparing for the NIS2 Directive now to avoid legal and financial consequences. Compliance with the new requirements is not only a legal obligation but also a crucial step in protecting one's IT infrastructure.