In a nutshell: 30,000 German companies must enhance their IT security in accordance with the NIS2 Directive.
The EU NIS2 Directive obligates approximately 30,000 companies in Germany to tighten their IT security measures. This particularly affects critical infrastructure operators and digital service providers.
The European Union’s Network and Information Security Directive NIS2 compels a broad range of companies in the German-speaking region to adhere to higher security standards. Around 30,000 enterprises are affected – including operators of critical infrastructure in the energy, transportation, water, healthcare sectors as well as providers of digital services.
For CISOs, this means concrete new requirements: the Directive tightens IT security governance, mandates systematic risk management, incident response processes and regular security audits. Companies must document their measures and comply with incident reporting obligations – violations can result in substantial fines.
Organizations should promptly conduct an inventory of their current security measures and compare them against NIS2 requirements. Early implementation reduces compliance risks and helps avoid penalties.
Source: news.google.com · Published June 14, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.