In a nutshell: Approximately 30,000 German companies must comply with the NIS2 Directive requirements to ensure their cybersecurity compliance.
The NIS2 Directive obligates around 30,000 companies in Germany to implement cybersecurity standards. The compliance deadline for critical infrastructures and service providers is coming into focus.
The NIS2 Directive (Network and Information Security Directive 2) of the EU obligates a significantly larger number of companies than the previous version. According to estimates, around 30,000 organizations in Germany are affected, including providers of critical infrastructures, essential services as well as providers of cybersecurity services and DNS infrastructure.
For compliance officers, this means concrete action requirements: companies must review their information security management systems, conduct risk assessments and, if necessary, take measures to meet the requirements. The Directive requires a risk-based security strategy as well as documented processes for incident reporting and management.
The implementation deadline is time-critical: companies should immediately clarify their applicability, determine the status of their current security measures and prioritize addressing missing elements. Gap management and documentation of compliance activities are central to audits and evidence for regulatory authorities.
Source: news.google.com · Published 12 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.