The point: Approximately 29,500 enterprises in the DACH region report significant difficulties implementing the NIS2 Directive within the prescribed timelines.
Around 29,500 enterprises in Germany, Austria, and Switzerland report major challenges in implementing the NIS2 Directive. Compliance requirements demand extensive technical and organizational measures within defined timelines.
According to AD HOC NEWS, approximately 29,500 enterprises in the DACH region are struggling with the practical implementation of the NIS2 Directive. The European Directive on Network and Information Security requires operators of critical infrastructure and large enterprises to implement comprehensive cybersecurity measures and maintain ongoing documentation.
For CISOs, NIS2 compliance presents a threefold challenge: First, security measures must be demonstrably embedded in a consistent governance framework. Second, audit trails, incident response processes, and supplier management require documented standards. Third, the Directive mandates the inventory of critical assets and continuous risk assessment — a process many organizations are systematically undertaking for the first time.
Particularly small and medium-sized enterprises report resource constraints in implementation: lack of specialized expertise, unclear demarcation from existing standards such as ISO 27001 or BSI C5, and insufficient IT budgets complicate compliance. In parallel, national implementation laws impose varying additional requirements, hindering cross-border harmonization.
Source: news.google.com · Published 28 May 2026
Lumi AI News — AI-assisted curation according to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.2.