NIS2 Directive Compliance – Strengthening Cybersecurity with DEKRA

Sep 08, 2025

Enhance security, manage risks, and demonstrate regulatory compliance with DEKRA’s Cybersecurity Readiness Assessment to identify gaps and strengthen your company’s cyber resilience.

The NIS2 Directive is the European Union’s latest cybersecurity regulation, developed to address the growing number of cyber threats. It significantly broadens its scope, affects more companies across more sectors, and requires effective protection measures. Its aim is to safeguard critical infrastructures and businesses and to increase resilience against cyberattacks.
For organizations, this means greater responsibility, stricter requirements, and higher liability risks in the case of non-compliance. With DEKRA’s NIS2 Expert Audits and Cybersecurity Readiness Assessments, your company can close compliance gaps and build trust with stakeholders.

“Compliance with NIS2 is not only a legal obligation — it is a strategic advantage. Organizations that act proactively protect their business and reputation.”

Diana Balaj, Cybersecurity Team Lead at DEKRA Assurance Services GmbH

As an EU directive, NIS2 must be transposed into national law in all member states. Some countries, such as Belgium, Italy, Croatia, and Hungary, have already done so. In Germany, the NIS2 Implementation and Cybersecurity Strengthening Act (NIS2UmsuCG) has been drafted. Due to the 2025 elections, however, it is not expected to come into effect until late 2025 or early 2026. This delay offers valuable preparation time for businesses—but waiting is risky. Non-compliance can lead to fines of up to €10 million or 2% of global annual revenue, in addition to personal liability for management.
Experts estimate that around 150,000 companies in the EU will be subject to NIS2. The directive applies to essential entities—large organizations in critical sectors—and important entities, which include medium-sized companies in regulated industries. It also covers public authorities and institutions.
Compared to its predecessor, NIS2 significantly expands its scope and raises the bar for cybersecurity measures. Organizations must implement modern risk management systems, incident reporting, business continuity, supply chain security, employee training, monitoring, and transparency practices to remain compliant.

Take Action Now

Don’t wait. With DEKRA’s NIS2 Expert Audits and Cybersecurity Readiness Assessments, you can:
  • Identify gaps in your cybersecurity
  • Implement best practices in line with NIS2
  • Ensure full compliance and avoid costly penalties
Protect your business, strengthen your resilience, and secure the future of your cybersecurity.

Frequently Asked Questions (FAQ)

Who needs to comply with NIS2?
Large and medium-sized organizations in critical and regulated sectors, as well as public authorities, must comply. Indirectly, companies that are part of a NIS2-relevant supply chain are also affected.
Which sectors are considered essential under NIS2?
What is the difference between essential and important entities?
What are the main requirements of NIS2?
What penalties apply in case of non-compliance?
When will NIS2 come into effect in Germany?
Does NIS2 also apply to non-EU companies?
How does NIS2 differ from the GDPR?
Will NIS2 requirements evolve over time?
Can DEKRA support NIS2 compliance outside the EU?