Skip to content

NIS2 Compliance: 62 Percent of Companies Missed March Deadline

The Bottom Line: A majority of German companies has exceeded the regulatory implementation deadline for NIS2 and thereby risks fines and compliance gaps.

62 percent of companies in Germany missed the compliance deadline for the NIS2 Directive in March. The implementation of EU requirements for network and information security is thus significantly behind schedule.

According to current data, 62 percent of surveyed companies missed the March 2024 deadline for implementing the NIS2 Directive. This compliance rate indicates substantial delays in integrating EU requirements for network and information security into operational systems.

For CISOs and security officers, this presents a dual challenge: on one hand, organizational and technical measures to meet NIS2 requirements must be caught up — such as incident response processes, vulnerability management, and supply chain security. On the other hand, delayed or incomplete implementations create significant regulatory risks, as supervisory authorities are already initiating control procedures.

At this stage, companies should prioritize their compliance gaps: which technical and organizational NIS2 requirements are still not met, which systems and processes are affected, and to what extent external service providers must be involved. A thorough gap analysis and a structured remediation plan reduce both sanction risk and security vulnerabilities.


Source: news.google.com · Published June 26, 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.

Share on: