Boost your production with a 30-minute tailored web demo. Discuss your needs with our experts, explore key software features, and see how octoplant can increase productivity.
Stay ahead of the game with the latest EU cybersecurity requirements for manufacturing. Learn how to navigate the NIS2 Directive and ensure compliance with our white paper.
Empower your journey with AMDT’s solutions through a centralized portal designed to simplify license management, streamline support, and enhance your skills - all in one place.
How do you prioritize risks in legacy production systems - without disrupting operations? Our white paper provides clear answers for effective vulnerability management.
Are you passionate about making a difference, driving innovation and growing with a dynamic team? We're looking for motivated individuals who are ready to take on exciting challenges and build the future with us.
The NIS2 Directive has raised the bar significantly for IT and OT security across Europe. Since the German parliament passed the legislation in November 2025, one thing has become clear: the requirements are expanding, and time is running out.
The NIS2 Directive (Network and Information Security Directive 2) sets binding minimum standards for technical and organizational security measures. Its key points include:
The focus is on protecting critical processes, which can be threatened both by attacks on OT components and by vulnerabilities in traditional IT systems.
NIS2 significantly expands existing cybersecurity requirements. In addition to traditional operators of critical infrastructure, the following sectors are now covered as well:
Small and medium-sized enterprises with at least 50 employees or €10 million in revenue may also fall under the directive. In Germany alone, an estimated 29,500 companies are affected.
It mandates comprehensive risk management, including:
Executive management is explicitly accountable. They must actively oversee cybersecurity risks and demonstrate control.
In the event of a security incident, a three-tier reporting regime applies:
Initial report: within 24 hoursDetailed report: within 72 hoursFinal report: within 30 days
All reports must be submitted to the BSI. Within the federal administration, the new "Federal CISO" is responsible for coordinating the implementation of these requirements.
Noncompliance may result in fines of up to €10 million or 2% of a company's global annual revenue. In extreme cases, an organization’s operating license may be revoked.
Cyberattacks cause enormous economic damage. According to Bitkom, the German economy lost around €266 billion in 2024, and projections estimate losses of €289 billion in 2025. Therefore, the German federal government has set a long-term goal of reducing this figure to €50 billion.
NIS2 is a key component in achieving this goal. The directive is designed to strengthen the resilience of Europe’s digital infrastructure and effectively prevent outages, attacks, and manipulation. Consequently, IT networks and OT systems in production and operations will become more robust and less susceptible to disruption.
Modern OT-Security solutions like Octoplant help companies implement these requirements efficiently and minimize downtime.
You can find more details in our white paper on NIS2 compliance.