The European Commission is already planning adjustments to the Network and Information Security Directive 2 (NIS2), even though the implementation of its guidelines into German law is still ongoing. This early revision indicates a dynamic approach to cybersecurity in the EU, adapting to the rapidly evolving threat landscape. The changes aim to enhance the directive’s effectiveness and address emerging vulnerabilities. NIS2, already in the process of being adopted, aims to create a higher common level of cybersecurity across the Union. It significantly broadens the scope of the original NIS Directive by including more sectors and entities. The original NIS directive, for example, excluded many industries from its requirements. These adjustments will affect various sectors, potentially including cloud computing providers, digital service providers, and essential service operators. The implications are far-reaching, as increased cybersecurity requirements will necessitate investments in protective measures and compliance efforts. The evolution of NIS2 underscores the EU’s commitment to fortifying its digital infrastructure and protecting its citizens and businesses from cyber threats.

Curated and translated by Europe Digital for our multilingual European audience.

Source Information

Publication: Heise Online

Published: January 21, 2026 at 02:13 PM UTC

All rights remain with the original publisher.