NIS2 Is In Effect And The To-Do List For CISOs Is Exploding. The Frequent Result: Unclear Requirements, A Huge Documentation Burden, And Little Time.
CSO Online, December 11,2025
NIS2 is in effect and the to-do list for CISOs is exploding. The frequent result: unclear requirements, a huge documentation burden, and little time.
NIS2 is symbolic of the core problem with European directives and regulations: They generate unnecessary red tape and too rarely have the desired effect.
Whether it's the Supply Chain Act, GDPR impact assessments, or the IT Security Act - the common theme is that companies have to produce mountains of documentation, something that neither increases actual security nor is realistically verifiable.