Implementing NIS2 is neither a technology project nor a one-off compliance exercise. Above all, it represents a fundamental shift in how an organisation manages cybersecurity. This new approach spans processes, roles, and management decisions. It also requires organisations to be operationally prepared to respond to incidents. Companies must therefore