NIS2 penalizes inadequate risk management with fines up to €10 million, obligating CISOs to maintain comprehensive documentation and regularly review their security measures.
The national implementation law (NISG) 2026 anchors the EU NIS2 Directive in Austrian law and expands cybersecurity and reporting requirements for critical infrastructures and important entities.
First NIS2 compliance reviews conclude on 30 June, revealing widespread implementation gaps among critical infrastructure providers and large enterprises.
Companies operating AI systems are liable for their erroneous outputs just as they are for employee mistakes and cannot shield themselves through the technical nature of the system.
Saxony expands police powers to include AI-powered suspect search and facial recognition, requiring CDOs to intensify data protection monitoring and compliance for biometric data processing.