NIS2 in 2026: Why cybersecurity is now a top priority
The grace period is over. By 2026, the NIS2 Directive will have moved from theory to full operational practice. For many companies, especially SMEs, this means a radical paradigm shift.
Lars Pennekamp, Managing Director of TIGGES DCO, talks about this in the tenth edition of LIR Magazine for Germany(The Legal Industry Reviews). The digital format is produced in collaboration with leading German commercial law firms and highlights current developments in the legal industry.
The most important takeaways for decision-makers:
- From IT issue to governance imperative: cyber security is no longer just an “IT project”. It is a central component of corporate governance and compliance.
- Personal liability of the management: Delegating to the IT department is not enough. The management must approve and monitor measures and can be held personally liable if they fail to do so.
- Strict reporting obligations: The clock is ticking for security incidents. The first report often has to be made within 24 hours. Without clear processes, there is a risk of severe fines.
- Holistic approach instead of isolated solution: NIS2 works best when it is dovetailed with existing structures (GDPR, risk management).
Conclusion: Those who see NIS2 as an opportunity to strengthen their operational resilience will secure the trust of customers and partners in a networked economy in the long term.
Click here for the current issue of LIR Germany.
We would like to thank the LIR team for the great cooperation and professional implementation and are already looking forward to the next issue.