The NIS2-Richtlinie simply explained
The NIS2-Richtlinie (EU 2022/2555) is the revised European framework for cyber and information security. It replaces the NIS1 Directive and significantly expands the scope of affected companies — especially in manufacturing SMEs and critical supply chains.
The goal is a consistently high level of security across the EU: companies must systematically manage risks, report incidents, and implement technical and organizational measures according to the state of the art.
For OT operators, this means: asset transparency, vulnerability and patch management, threat detection, and disaster recovery capabilities are now a regulatory obligation.

— Four core obligations of NIS2 —
What does the NIS2 Directive specifically regulate?
NIS2 obligates companies to systematically identify, assess, and treat cyber risks. This includes technical measures such as network segmentation, access controls, and continuous monitoring — but also organizational topics like emergency plans, training, and supplier management.
Deadlines and implementation status
The directive has been in force at the EU level since January 2023. National implementation in Germany is carried out via the NIS2 Implementation Act (NIS2UmsuCG). Regardless of the exact date of entry into force: those affected should start implementation now, as many measures require several months of preparation.
Who is affected?
NIS2 distinguishes between essential and important entities. An overview of the affected sectors and thresholds can be found at Who is affected by NIS2?.
How ACURITY supports with NIS2
With our Managed OT Security Services we operationally implement NIS2-relevant measures in OT — from asset inventory to vulnerability and patch management, threat detection, and disaster recovery planning.
— Related content —
NIS2 at ACURITY
Our service offerings for NIS2 compliance in OT.
Learn moreNIS2 Implementation Act
How Germany translates NIS2 into national law.
Learn moreWho is affected by NIS2?
An overview of sectors, size categories, and thresholds.
Learn moreManaged OT Security
Continuous protection for your production — NIS2-ready.
Learn moreOT Vulnerability Management
Detect, prioritize, and treat vulnerabilities.
Learn moreWhat is OT Security?
Fundamentals and protection goals of industrial security.
Learn more