The European Cybersecurity Organisation (ECSO) welcomes the NIS2 Implementing Act and highlights several risks based on feedback from its 300+ members. Key concerns include excessive and disproportionate cybersecurity implementation costs, ambiguous security requirements, and an overly extensive list of criteria for defining significant incidents that could lead to over-reporting. ECSO advocates for a risk-based approach…