- According to a KSV1870 survey, three out of four Austrian companies have measures to reduce cyber risks, but only a third can implement them before the new cybersecurity law takes effect in October 2026.
- The law implements the EU NIS-2 directive and applies to systemically relevant institutions and companies, including energy suppliers and food retailers.
- From October 1, affected companies and their suppliers must provide proof of appropriate security measures against cyber attacks.
- Non-compliance can lead to revenue losses as the legal framework for business relationships will no longer be fully met.
- According to KSV, 17 percent of all domestic companies are affected by the law.
- The survey was conducted in March among around 1,100 companies.