Approximately 29,500 German companies must adapt their cybersecurity to NIS2 requirements and conduct systematic compliance planning within a compressed timeline.
Companies with 50 or more employees must structure and document their cybersecurity governance according to the NIS2 Directive to address regulatory requirements and fines.
Companies that modify AI systems may be classified as providers under the EU AI Act and must meet compliance requirements; careful assessment of whether modifications are material is necessary—particularly for high-risk systems and GPAI models with altered generality or risks.