Bottom line: The NIS2 Directive requires companies from June onwards to implement stricter security controls when onboarding systems, services, and personnel.
From June onwards, companies subject to the NIS2 Directive must comply with strict new security requirements for onboarding systems and personnel. This affects particularly critical infrastructure operators and providers of digital security services.
The NIS2 Directive (Network and Information Security) comes into force in its new form from June onwards and significantly tightens requirements for cybersecurity processes. For organizations, this means concrete changes in integrating new systems, services, and personnel into existing IT infrastructures.
Compliance officers must now review and adapt onboarding processes. This includes access controls, authentication mechanisms, training requirements for new employees, and integration of third-party providers. Organizations are obligated to conduct security reviews before granting access and to document these continuously.
The new requirements apply to operators of critical infrastructure as well as to providers of digital services that fall under the NIS2 definition. Companies should promptly align their existing onboarding policies with the new regulatory requirements and initiate implementation measures.
Source: news.google.com · Published June 1, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.5.