NIS2 Directive mandates enhanced information security for around 29,500 German companies, impacting SMEs by shifting responsibility to top management. Key obligations include implementing an Information Security Management System (ISMS), risk management, compliance reporting, and business continuity plans with fines up to €10 million. The regulation integrates with existing laws like GDPR, creating a comprehensive governance framework essential for economic stability and supply chain security. Immediate actions for companies include assessing impact, establishing ISMS, embedding risk management, and ensuring management accountability.
https://morethandigital.info/en/nis2-in-detail-for-small-and-medium-sized-enterprises/