European States Spin Wheels on Cybersecurity Directive

NIS2 Directive Lags in Adoption and Implementation David Meyer • January 16, 2026

Uptake by European Union member countries of a measure intended to beef up continental cybersecurity has hardly been enthusiastic. 15 months after EU nation-states were supposed to have implemented the Network and Information Security 2 Directive, fewer than two-thirds have done so fully. Key players such as France and Ireland haven’t even passed the necessary national legislation.

See Also: On-Demand | NYDFS MFA Compliance: Real-World Solutions for Financial Institutions

Experts are divided over the effect this situation has on Europe’s defensive capabilities at a time when the continent faces severe threats. Only on Wednesday, the Polish prime minister accused Russia of a wave of December cyberattacks on the country's energy grid.

Either way, variations in NIS2 implementation - in terms of timing and the details of the implementing legislation - is proving tricky for the ...