Germany began enforcing the European NIS2 Directive on December 5, 2025, and Austria will follow on October 1, 2026. Across the DACH region alone, more than 35,000 companies are affected by the new requirements. At its core, NIS2 is about due diligence and operational resilience. Businesses in critical sectors must strengthen their defenses against cyberattacks, reduce the risk of outages, and ensure their systems remain secure and reliable.
One area that is becoming increasingly important under NIS2 is physical IT infrastructure — especially network racks. In this interview, security expert Martin Ellesch from CANCOM Converged Services GmbH explains why cable management systems like PATCHBOX can play an important role in helping companies meet NIS2 requirements. He also shares where the biggest security risks lie and what NIS2 means in practice.
What are the most important aspects of NIS2 for affected companies?
Martin Ellesch: NIS1 laid the foundation for cyber resilience in critical infrastructure. NIS2 goes much further. It applies to many more industries and now also includes suppliers. For the first time, physical aspects are part of the equation as well. That includes data center security, access control, clean patch management, and related operational measures. None of that was clearly covered under NIS1.
Another core principle of NIS2 is resilience. In practice, that means companies need to avoid single points of failure and build redundancy into their systems.
Staying with IT infrastructure: What security risks do overloaded server racks create?
Martin Ellesch: Overloaded or unsecured server racks always increase the risk of direct tampering with cables or hardware. That opens the door to sabotage and makes incidents much harder to trace afterward.
And then there is my personal “favorite problem” — cable spaghetti. I have worked in IT for a long time, and cable chaos is usually the result of years of changes made by different people, often without proper documentation. When something fails, troubleshooting takes far too long.
What does NIS2 require?
- Due diligence: Companies must introduce and enforce security standards
- Documentation: Security processes must be documented clearly and in a verifiable way
- Audits: Regular checks help prevent outages and identify risks early
- Incident reporting: Security incidents must be reported to a central authority
What has been your experience with PATCHBOX when organizing server racks?
Martin Ellesch: It is extremely fast, it supports structured work, and the retractable cable system is hard to beat. There are no more hanging cables or overly long patch cords. Everything is clean, organized, and exactly the right length.
Can cable management systems like PATCHBOX help companies meet NIS2 requirements? If so, how?
Martin Ellesch: Absolutely. They reduce the risk of system failure, support structured cabling — which is explicitly referenced in NIS2 — and make troubleshooting much easier. Clean patching helps teams identify the cause of outages much faster.
There is also the issue of heat. As servers and network equipment become more powerful, they generate more heat. Structured cable management improves airflow and helps prevent devices from overheating. I can absolutely see more companies turning to cable management systems like PATCHBOX because of NIS2.
Reasons Why PATCHBOX Supports NIS2 Readiness
PATCHBOX helps make your company NIS2-ready in three key ways:
- Physical network security: Structured cabling and better protection against unauthorized access
- Higher security standards: Clean documentation and easier audits
- Business continuity: Fewer outages and shorter downtime

External attacks are still seen as the biggest threat to companies and organizations. How important is a company’s own IT infrastructure when it comes to security?
Martin Ellesch: NIS2 reflects a broader shift in thinking. It is no longer just about protecting against external threats. Physical infrastructure has been largely overlooked for years, and now it is finally getting the attention it deserves. At the same time, the biggest risk factor is still the human factor. That has often been underestimated in the past, especially compared to external threats like DDoS attacks, ransomware, cryptoware, malware, or phishing.
In your experience, what is the biggest security weakness in companies?



