Bottom line: 29,000 companies must register for NIS2 compliance by July 31 or risk fines and compliance violations.
The NIS2 Directive requires approximately 29,000 companies in Germany to register by July 31. Registration is a basic compliance requirement of the European cybersecurity regulation.
The National Authority for Cybersecurity and Information Security must complete registration of approximately 29,000 companies subject to the NIS2 Directive by July 31. These companies are classified as critical or important infrastructure operators and are therefore required to report.
The NIS2 Directive (Directive on measures for a high common level of cybersecurity) has been implemented into German law since October 2024 and obligates organizations to take measures such as incident reporting, security risk management, and cybersecurity minimum standards. Companies that miss their registration deadline risk fines and possible classification as non-compliant.
Compliance officers should review whether their organization is subject to registration requirements. Organizations frequently affected include operators of energy, water, transportation, financial, healthcare, and telecommunications infrastructure, as well as digital service providers. Registration takes place through the competent authorities at the federal or state level.
Source: news.google.com · Published June 19, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrasing and classification via Lumi News Pipeline v1.7.1.