Approximately 1,300 CRITIS operators must register by July 17 under the CRITIS Umbrella Act and will thereby be subject to stricter cybersecurity and reporting obligations.
Mid-sized enterprises must manage NIS2 requirements, DADG obligations, and EU AI Act compliance in parallel, which consolidates resources and expertise.
Only approximately 40 percent of an estimated 29,500 companies subject to NIS2 obligations have registered so far, indicating systematic compliance gaps.