Many organizations struggle with compliance to the EU's NIS2 Directive due to complex supply chains, outdated infrastructure, and insufficient cybersecurity investment. ENISA warns that several critical sectors, like ICT and healthcare, face significant challenges. In contrast, industries such as electricity and banking show more cybersecurity maturity. Additionally, inconsistent national regulation and capacity issues hinder compliance efforts across EU member states. Recommendations for improving compliance include conducting risk assessments, establishing clear asset visibility, appointing NIS2 leaders, and implementing strong incident response plans.
https://www.itpro.com/business/policy-and-legislation/nis2-why-are-firms-struggling-to-comply