The NIS2 Directive covers approximately 30,000 additional companies that must align their cybersecurity governance and technical controls with EU-wide standards.
Temporary onboarding passwords distributed via email or SMS and not consistently changed create unnecessary security risks for companies and violate NIS2 standards.
Data sovereignty through local cloud infrastructure is necessary but insufficient — true control requires robust identity governance and transparency over metadata, encryption keys, and access protocols.
The EU launches infringement proceedings against France and Spain for failing to transpose the NIS2 Directive into national law after the transposition deadline expired.
NIS2 requires enterprises to implement structured cybersecurity risk management and governance; identifying the scope of application is the first step.
