NISG 2026: What is truly necessary?
Translated from German, summarized and contextualized by DistantNews.
At a glance
News
Named sources
New plan
- New regulations under the NISG 2026 law will require many companies to implement new security measures.
- Cyber Trust Services offers the Cyber Trust Platinum Label to help companies meet these requirements, demonstrating compliance with EU directives.
- The law's impact extends to supply chains, requiring even non-directly regulated suppliers to prove adequate security levels.
New regulations under the NISG 2026 law are set to impose significant new requirements on many companies, particularly concerning cybersecurity. Thomas Stubbings, managing director of Cyber Trust Services, emphasizes that companies must go beyond isolated technical measures to demonstrably and verifiably fulfill legal obligations.
It is crucial that companies do not just implement individual technical measures, but fulfill the legal requirements in a comprehensible and verifiable manner.
The EU's implementing regulation, DVO 2024/2690, clearly outlines the necessary security measures for companies relevant to NIS2. Cyber Trust Services' Platinum Label is designed to fully cover these requirements and is continuously updated to align with directives from the NIS authority. This label provides a structured, practical, and comprehensive proof of implemented security measures.
Stubbings highlights that the Platinum Label serves as robust evidence for customers, business partners, and supervisory bodies, proving that a company has systematically implemented required security measures. This is crucial as cybersecurity increasingly becomes a demonstrable management responsibility. Companies can no longer simply claim to "do a lot"; they must prove they have fully understood, implemented, and documented the requirements.
The Platinum Label was developed precisely for this purpose: as reliable proof that a company has systematically implemented the required security measures.
The impact of NISG 2026 extends significantly into supply chains. Suppliers, even if not directly subject to the law, will increasingly need to demonstrate an adequate security level. Cyber Trust Labels Standard, Silver, and Gold offer tiered, affordable, and recognized security proof for varying risk levels. Stubbings advises against waiting, stating that compliance by October 1, 2026, is mandatory, regardless of when official audits begin. Proactive assessment of requirements, necessary proof, and supplier integration is essential, as cybersecurity is becoming a prerequisite for trust, business relationships, and market access.
Waiting is not an option. The requirements must be met by law from October 1, 2026, and must also be demonstrable.
DistantNews Editorial
Originally published by Die Presse in German. Translated, summarized, and contextualized by our editorial team with added local perspective. Read our editorial standards.
More Stories
From Our Blog
What Gets Lost (and Found) When News Is Translated
The Critical Role of Diaspora Media in Global News
What Travellers Should Know About Countries with Restricted Press
A Digital Nomad's Guide to Following Local News
How the Same Story Looks Different in Different Countries
