How do you prepare for a regulation that almost has no guidelines yet?
What are the emerging cyber threats that need to be addressed when implementing NIS2? How do you best keep up with the changing threats and secure your organization?
You need to be accountable, document, and ensure a risk-based approach to be compliant. However, getting the experts' input to understand the associated risks is a project management nightmare.
You will most likely encounter a lack of awareness and understanding in your organization about NIS2. You may also quickly realize that you don't have sufficient resources and expertise to implement the comprehensive directive.