Governing Access in the age of NIS2
A practitioner’s perspective with Guido Kraft, Field CISO at WALLIX

European critical infrastructure and public sector organisations are facing an unprecedented rise in cyber threats, with public administration now accounting for 38% of all incidents recorded in 2025. Critical sectors such as energy, healthcare, transport, finance, and manufacturing are increasingly targeted by state-backed attacks and hacktivist campaigns. In response, the NIS2 Directive introduces direct accountability for senior management and boards regarding cybersecurity failures.

However, many public organisations still struggle with legacy systems, limited budgets, and a shortage of cybersecurity talent. In Germany alone, the number of entities impacted by NIS2 has increased from 4,500 to nearly 29,000 organisations. Despite growing risks, many organisations have yet to begin their compliance journey, often without any increase in security investment. Human error, privilege misuse, and stolen credentials continue to play a role in 60% of data breaches worldwide. Third-party and supply chain attacks also remain among the most costly and time-consuming incidents to contain. This whitepaper explores how effective access governance aligned with NIS2 can help organisations strengthen resilience beyond simple compliance. Featuring insights from Guido Kraft, Field CISO at WALLIX, it highlights practical strategies to improve visibility, control, and cyber risk management.

Download the whitepaper to discover how NIS2 can become a strategic opportunity to build stronger, more resilient cybersecurity governance.