The point: Over 10,000 companies missed the NIS2 registration deadline of 31 July 2024 and are now non-compliant with the Directive.
As of 31 July 2024, over 10,000 companies failed to fulfil their NIS2 registration obligation. This presents enforcement challenges for regulatory authorities and compliance risks for enterprises.
Following the implementation of the NIS2 Directive into German law, 31 July 2024 was the deadline for operators of critical infrastructure and digital service providers to register with the competent authorities. Over 10,000 companies allowed this deadline to pass without completing their registration.
For CISOs and security officers, this means their organisations are now formally non-compliant. NIS2 provides for notification obligations, security requirements and periodic reviews. Unregistered companies do not fulfil these obligations and expose themselves to the risk of fines.
Regulatory authorities at federal and state level must now decide how to proceed with unregistered companies. Typically, requests for remedial action follow first. CISOs should complete the registration promptly and document when their organisation submitted the notification to the authorities.
Source: news.google.com · Published 9 July 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.3.