NIS2 and Cyber Threats: Securing Before Deploying AI
By Anis Hammouche·May 31, 2026·9 min read
You launch an AI project to save time. Without noticing, you also open a door. Every connector to your data widens the zone attackers can aim at. So does every agent reading your internal documents. So does every API wired to a model. And while you watch the productivity gain, the NIS2 directive has just set a new rule. In case of a cybersecurity failure, it is your personal liability as a leader that is on the line.
Why AI widens your attack surface
An AI project is not an isolated piece of software. To be useful, it has to touch your data: invoices, contracts, customer records, mailboxes, business databases. That is exactly what makes it exposed.
Three mechanisms raise the risk, and they are rarely anticipated in the initial budget.
- New entry points. Every connector, every API key, every autonomous agent is one more door. A single door left ajar is enough.
- Data leaving its perimeter. An assistant reading your internal documents can, if misconfigured, expose confidential information to an external provider or in a log file.
- Unpredictable behavior. A model can be manipulated by an instruction hidden in a document it processes. That kind of attack was not in your risk map two years ago.
The problem is not AI itself. It is deploying it without updating your security posture at the same time. You add value on one side and risk on the other, and only the first is measured.
What NIS2 actually changes for you
The NIS2 directive (EU text 2022/2555) replaces the first NIS directive from 2016. Look at the scale. In France, the scope goes from about 500 entities across 6 sectors to nearly 15,000 companies across 18 sectors: energy, transport, health, banking, water, digital, food, manufacturing, public services, and more.
Two categories structure the framework.
| Category | Indicative thresholds | Penalty cap |
|---|---|---|
| Essential entities | 250+ staff, or €50M+ revenue, or €43M+ balance sheet | up to €10M or 2 percent of global revenue |
| Important entities | 50 to 249 staff, or €10M to €50M revenue | up to €7M or 1.4 percent of global revenue |
If your company crosses these thresholds in a covered sector, you will very likely be in scope. And even if you are not directly, the clients who are will ask you for guarantees, because NIS2 also requires securing the supply chain, meaning your suppliers.
Leadership accountability can no longer be delegated
This is the point many leaders discover too late. NIS2 does not stop at technical obligations for the IT department. Article 20 of the directive targets the management body directly.
In practice, three obligations fall on you personally.
- Approve the cyber risk-management measures. You can no longer sign off a security budget without understanding what it contains.
- Get trained. The directive requires training for management body members, not only the technical teams.
- Oversee the implementation, and answer for it. The management body can be held liable for the entity's failures.
The directive goes further. Its Article 32 allows, for essential entities, the temporary suspension of an individual from management duties in case of a serious, persistent failure. Security leaves the purely technical domain and becomes a matter of governance, on the same level as financial compliance.
Where transposition stands in France
Here is the fact you need to get the timeline right: as of today, NIS2 is not yet transposed into French law.
The directive was supposed to be transposed before 17 October 2024. France fell behind. The legal vehicle is the bill on the resilience of critical infrastructure and the strengthening of cybersecurity (the Resilience Law), which transposes three European texts at once (REC, NIS2 and DORA).
Its path, as of late May 2026:
- Adopted by the Senate on 12 March 2025.
- Filed at the National Assembly on 13 March 2025, reviewed in a special committee (report filed 10 September 2025, more than 500 amendments).
- Public session review expected during 2026, promulgation hoped for after that, followed by implementing decrees.
None of this licenses passivity, for a simple reason. Securing an information system takes months, sometimes more than a year. If you wait for promulgation to start, you will be late the day the obligations become binding. The ANSSI has already opened the MonEspaceNIS2 space so companies can self-assess right now, before the rules take effect.
Security is handled before deployment, not after
The most expensive mistake is to split the AI project and the security project, as two separate efforts run by two teams at two different moments. That is wrong. An AI deployment is a change in your risk exposure. Handling it afterward is like installing an alarm once the burglary is underway.
Securing before and during means a few concrete decisions, made at the framing stage.
- Map the data the AI will touch, and decide which of it has no business being in the project.
- Limit each agent's access to the strict minimum, rather than opening everything by default.
- Choose where your data lives: a model hosted in Europe, local processing, anonymization upstream.
- Trace and log the AI's actions so you can detect abnormal behavior and prove it.
None of these decisions is purely technical. All of them involve the leader, and all of them cost far less taken at the start than redone after an incident or an audit.
How SolidScale handles security in the S3 method
Security is not an optional module bolted on at the end. In the Scan, Solve, Scale method, it is part of the framing from the first conversation.
Scan: the free 30-minute audit does not only ask which process to automate. It asks which data the project will touch and what your regulatory exposure is, NIS2 included. An AI project that opens broad access to sensitive data with no security counterpart is a warning sign, and it is better to see it before writing a single line of code.
Solve: security is built into the design, not added afterward. Limited access, partitioned data, hosting chosen knowingly, logged actions. The 4-to-8-week sprint delivers a tool that is usable and defensible, not a prototype to be secured later.
Scale: scaling up multiplies entry points. Continuous monitoring therefore includes a review of exposure at each expansion of scope. You do not widen AI usage without reassessing the risk that comes with it.
Key takeaways
Cybersecurity and AI are not two separate topics. Deploying AI without securing it means adding measured risk to the measured gain.
- Every AI project widens the attack surface: new access, displaced data, manipulable behavior.
- NIS2 moves France from 500 to nearly 15,000 companies in scope, and engages the leader's personal liability.
- The directive is not yet transposed in France, but securing takes months: starting now is not optional.
- Security is decided at the framing stage, not after the first incident.
The concrete action fits in one sentence: before opening your data to AI, know exactly what the project exposes and who answers for it.
Frequently asked questions
Is my company in scope for NIS2?
Probably, if you exceed 50 staff or 10 million euros in revenue in one of the 18 covered sectors (energy, health, transport, digital, food, banking, and others). Even outside the perimeter, your in-scope clients will ask you for guarantees, because NIS2 also targets the supply chain.
Is NIS2 already enforceable in France?
Not yet. The directive was due to be transposed before 17 October 2024, but the Resilience Law that transposes it is not promulgated as of late May 2026. Waiting for promulgation to act is risky, because securing an information system takes several months.
How does an AI project increase cyber risk?
To be useful, AI accesses your data and connects to your systems. Each access is a potential entry point, each displaced data set a leak risk, and a model can be manipulated by a hidden instruction. The attack surface grows with every connector added.
Is the leader really personally liable?
Yes. Article 20 of NIS2 requires the management body to approve security measures, get trained, and oversee implementation. It can be held liable for failures, and Article 32 even allows a temporary suspension from duties in case of a serious, persistent failure for essential entities.
Sources
- ANSSI, La directive NIS 2, cyber.gouv.fr/reglementation/cybersecurite-systemes-dinformation/directives-nis-nis2-et-dispositif-saiv/directive-nis-2
- European Union, Directive (EU) 2022/2555 (NIS 2), Articles 20, 21 and 32, eur-lex.europa.eu
- National Assembly, Bill on the resilience of critical infrastructure and the strengthening of cybersecurity, assemblee-nationale.fr/dyn/17/dossiers/DLR5L17N50731
- Senate, Bill on critical infrastructure resilience and cybersecurity (adopted 12 March 2025), senat.fr
Related articles
Related resources
S3 Framework · Scan · Solve · Scale
Ready to take action?
A free 30-minute audit to identify your first AI opportunities. Diagnosis delivered within 48h. No commitment.