Cookie consent(s)
We use cookies to personalize content and ads, provide social media features, and analyze traffic. This is done only with your explicit consent. By clicking "ACCEPT ALL," you agree to the processing and sharing of your data with our partners for social media, advertising, and analytics, including in third countries in accordance with Art. 49(1)(a) GDPR and Art. 17(1)(a) FADP (Switzerland). There is a risk that your data may be monitored by authorities without legal recourse. You can change or revoke your consents at any time in the data privacy settings .
Data protection declaration | Legal notices
Settings

DEKRA Positions Itself as a Global Leader in NIS2 Compliance

Digital Trust Against Looming Cyber Threats

Sep 24, 2025 Certification / Industrial / Audit / Cyber Security

DEKRA, a global leader in testing, inspection, and certification, is expanding its NIS2 services, helping organizations to build digital trust against cyber security threats. With the upcoming entry into force of the European Union's groundbreaking NIS2 Directive in all member states, companies worldwide are facing strict new cybersecurity requirements, say DEKRA experts. Non-compliance could result in heavy penalties for companies.

The NIS(Network and Information Security)2 Directive represents a major expansion of the original NIS Directive, significantly broadening its scope and severity. Unlike its predecessor, NIS2 casts a wider net, encompassing many more critical sectors such as public administration, wastewater management, manufacturing (e.g., medical devices, automotive), and postal services. The directive also introduces stricter security requirements for risk management, supply chain security, and incident reporting. Most notably, it raises the stakes for non-compliance dramatically, with potential penalties of up to €10 million or 2% of global annual turnover, alongside personal liability for management.
The expanded scope of NIS2 brings thousands of medium and large-sized entities in critical sectors under its purview. Furthermore, the reach of NIS2 extends beyond the borders of the EU. Non-EU companies that provide services to essential or important entities within the European Union, such as cloud computing providers, data storage services, or managed security providers, will also be impacted. These third-party vendors must ensure their cybersecurity practices meet the directive's standards.
While countries like Germany have a delayed implementation timeline (at the end of 2025), this provides a valuable window for preparation. DEKRA’s NIS2 services are designed to provide a clear path to compliance, offering:
  • Expert Audits & Cybersecurity Readiness Assessments: Identifying vulnerabilities and compliance gaps against the exacting standards of the Directive. Evaluating and enhancing an organization's cybersecurity posture, including risk management and incident response plans.
  • Supply Chain Security: Strengthening resilience across the entire vendor and partner ecosystem.
  • C-Suite NIS2 Knowledge Gap Analysis: Providing the expertise to implement best practices and meet mandatory reporting obligations. Providing the expertise to implement best practices and meet mandatory reporting obligations whilst ensuring your C-Suite and board members understand their personal liability and have the necessary knowledge to turn compliance into a strategic advantage.
For more information on DEKRA’s NIS2 Expert Audits and Cybersecurity Readiness Assessments:
www​.dekra​.com/en/nis2-expert-audits-cybersecurity-readiness-assessment/
Show all press releases