Collaboration is crucial: Both the IT department and management must take action. The IT department implements technical security measures, while management ensures that resources, policies, and processes are in place. Both levels must work together to meet the requirements of the NIS2 directive and ensure the company’s cybersecurity. As non-compliance is often due to management issues, management should take the situation particularly seriously.