Approximately 80 % of businesses are confident in adhering to NIS2 , yet 66 % will miss the compliance deadline . rganisations are navigating a

NIS2 , a regulation aimed at strengthening cybersecurity across the EU by expanding the scope and increasing the rigour of security requirements , goes into effect .

Veeam Software commissioned a new survey from Censuswide that revealed that only 43 % of EMEA IT decision-makers believe NIS2 will significantly enhance EU cybersecurity .

This is despite an overwhelming 90 % of respondents reporting at least one security incident that the NIS2 directive could have prevented in the past 12 months . Alarmingly , 44 % of respondents experienced more than three cyberincidents , with 65 % of those categorised as ‘ highly critical ’. the state of play less than a month before this directive took effect on October 18 . Although nearly 80 % of businesses are confident in their ability to eventually comply with NIS2 guidelines , up to twothirds state they will miss this imminent deadline .

Barriers to NIS2 compliance

Achieving NIS2 compliance requires businesses to implement essential measures , such as defining incident response plans , securing supply chains , assessing vulnerabilities and evaluating overall security levels .

This includes all affiliated organisations , partners and supply chains . However , several barriers to compliance persist . Key challenges cited by IT decision-makers include technical debt ( 24 %), lack of leadership understanding ( 23 %), and insufficient budget / investments ( 21 %).

Notably , 40 % of respondents reported decreased IT budgets since the political agreement for NIS2 was proclaimed effective in January 2023 , despite its stringent penalties , which are comparable to those of the EU ’ s flagship data privacy legislation , the General Data Protection Regulation ( GDPR ). 63 % of respondents view the GDPR as strict , and 62 % express the same sentiment about NIS2 .

Competitive pressures amid cyberthreats

The slow pace of NIS2 adoption is likely due to the multitude of competing priorities and business pressures that face these organisations . Respondents rank NIS2 lower in urgency than 10 other issues , including the skills gap , profitability and Digital Transformation . Worryingly , 42 % of respondents who consider NIS2 insignificant for EU cybersecurity improvements attribute this to inadequate consequences of non-compliance , which has led to widespread apathy towards the directive .

Additional key findings from the survey include :

Andre Troskie , EMEA Field CISO at Veeam

The survey results , which encompass the views of 500-plus IT decision-makers from Belgium , France , Germany , the Netherlands and the UK , revealed

• 74 % of respondents see NIS2 as beneficial , but 57 % doubt it will have any substantial impact on overall EU cybersecurity posture .

22 WWW . INTELLIGENTCISO . COM