Flyout Menu

NIS-2

  • NIS2 is coming – are you prepared?

On July 30, 2025, the German Federal Cabinet adopted the NIS2 Implementation Act (NIS2UmsuCG). This marks a significant increase in cybersecurity requirements for approximately 30,000 companies across Germany. New obligations in risk management, stricter reporting requirements, and expanded supervisory powers for the Federal Office for Information Security (BSI) are creating substantial pressure to act.

The legislative process is proceeding as planned, and the law is expected to come into force before the end of 2025. Important: There will be no transitional periods. Once the law is enacted, its provisions must be implemented immediately – a point repeatedly confirmed by the Federal Ministry of the Interior.

Many companies now face complex requirements, often lacking the necessary internal expertise. That’s why we offer a specially developed service package to help you prepare for NIS2 – enabling you to act in a timely and legally compliant manner.

Our NIS2 Preparation Service Package

With many years of experience – especially in the KRITIS (critical infrastructure) sector – we provide comprehensive support for your preparation and successful implementation of the NIS2 requirements. Our modular service package includes:

  • NIS2 Workshop
    Introduction to the legal foundations and awareness-building for the specific actions required in your organization.

  • NIS2 Impact Assessment
    Evaluation of whether your organization falls under the scope of the NIS2 Directive or the NIS2UmsuCG – clear, traceable, and legally sound.

  • NIS2 Gap Analysis
    Identification of existing gaps in relation to legal requirements – forming the basis for targeted measures.

  • NIS2 Training for Executives and Board Members
    Clarification of management responsibilities and derivation of concrete steps to fulfill legal obligations.

NIS2 Coaching & ISMS Integration

Sustainable implementation of requirements through:

  • Establishment or expansion of an effective Information Security Management System (ISMS)
  • Implementation of a structured reporting system
  • Development of monitoring mechanisms for continuous effectiveness control

 

As of March 1, 2024, ISO 27002:2022 must be applied by all network operators and operators of energy facilities classified as critical infrastructure. Starting November 1, 2024, ISO 27001:2022 will also become mandatory for these entities.

In light of the upcoming challenges associated with the transition to the new standards, we offer expert consulting and support to help you migrate your existing ISMS to ISO 27001:2022.

Your Benefits

With our NIS2 preparation package, you not only ensure legal compliance but also strengthen your overall information security strategy in a targeted way:

  • Fulfillment of legal requirements in accordance with the NIS2 Implementation Act
  • Protection of critical business processes through preventive security measures
  • Transparent overview of IT risks – as a foundation for targeted protective actions
  • Avoidance of liability risks through documented and effective implementation
  • Efficient use of investments thanks to clear prioritization
  • Increased effectiveness, efficiency, and sustainability of information security
  • Competitive advantage through successful certification – as a visible proof of quality
Request now
Contact

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Name*
Data privacy*