Skip to content

Low NIS2 Registration Rates: Companies Barely Registering with the BSI

In a nutshell: Companies are registering with the BSI at insufficient rates despite the requirements of the NIS2 Directive.

The Federal Office for Information Security (BSI) is recording low registration rates from companies under the NIS2 Directive. The sluggish registration rate indicates implementation obstacles in complying with new cybersecurity requirements.

According to a report in WELT, companies are registering with the BSI only to a limited extent, although this is a requirement of the NIS2 Directive. The directive obligates operators of critical infrastructure and providers of digital services to document their security measures and report them to the BSI.

For CISOs, this represents a dual challenge: they must not only implement the technical and organizational requirements of NIS2, but also ensure that their organizations comply with the statutory registration obligation. The low registration rates suggest that either there is uncertainty about the applicability of the directive, resources for implementation are lacking, or administrative processes have not yet been established.

The BSI, as a regulatory authority, will likely need to step up awareness and enforcement measures to increase the compliance rate. Companies should proactively assess whether they fall under the NIS2 definition and advance their registration with the BSI to avoid fines and regulatory consequences.


Source: news.google.com · Published 3 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.6.2.

Share on: