The German industrial giant is finding itself in an unusual position as Brussels tightens its grip on technology. On one front, Siemens is lobbying hard to water down incoming artificial intelligence regulations that threaten to slow its factory automation business. On the other, it is quietly building a lucrative service line around the very cybersecurity mandates those same regulators are imposing on critical infrastructure operators.
The tension crystallises around two pieces of EU legislation with vastly different implications for the Munich-based group. The AI Act, whose core provisions take effect on 2 August 2026, could force Siemens to jump through extra hoops before embedding machine-learning models into its industrial software and automation gear. The NIS-2 cybersecurity directive, meanwhile, has been in force since late 2024 and is creating a captive market for the company’s new managed security services.
Berlin’s Push for Industrial Exemptions
Germany’s federal government has taken the lead in seeking carve-outs for industrial AI applications in sectors such as machinery and medical technology. Siemens and domestic rival Bosch have thrown their weight behind the initiative. The argument is straightforward: assembly-line robots and diagnostic imaging algorithms pose fundamentally different risks from chatbots or facial recognition systems, and should not be subject to the same blanket rules.
Ten EU member states, including Austria,
The political calendar adds urgency. The European Commission plans to unveil a “Tech Sovereignty Package” in May, aimed at building a self-sufficient European AI ecosystem. Industry representatives complain that the sovereignty focus is already stifling innovation. The May vote on that package will offer the first real signal of whether Berlin’s push for exemptions has traction — or whether Siemens will remain tethered to a strict rulebook while US rivals plough ahead.
Cybersecurity as a Revenue Engine
While the AI debate remains unresolved, the NIS-2 directive is already generating hard revenue for Siemens. The new “Managed Detection and Response” service, unveiled at the Hannover Messe, targets operators of critical infrastructure — energy utilities, data centres and municipal networks — who are now legally obliged to bolster their cyber defences.
The service monitors information technology and operational technology systems around the clock. Software filters out false alarms and, when a genuine attack is detected, provides customers with step-by-step instructions for containment. Building an in-house security operations centre is prohibitively expensive for most mid-sized utilities. Siemens promises to slash upfront investment costs by as much as 80 percent, and to cut ongoing operational expenses by half.
Should investors sell immediately? Or is it worth buying Siemens?
The Hertener Stadtwerke, a municipal utility in North Rhine-Westphalia, is already using the system to protect its assets and comply with EU requirements. Siemens continuously updates the detection rules to keep pace with evolving threats, positioning the service as a scalable, one-stop solution for a market with extremely high barriers to entry.
A Stock Caught Between Tailwinds and Headwinds
The diverging regulatory dynamics are reflected in the share price, though not yet fully priced in. Siemens stock trades at around €243, roughly seven percent below its 52-week high. Over the past twelve months, the shares have gained between 21 and 24 percent depending on the reporting period, with a recent breakout above the 200-day moving average adding technical confirmation to the upward trend.
The order book provides fundamental support. In the first quarter, comparable order intake rose ten percent, with revenue up eight percent. The book-to-bill ratio stood at 1.11, signalling a growing pipeline of future work. The cybersecurity push fits neatly into this growth narrative, offering recurring service revenue with high margins and sticky customer relationships.
Yet the AI regulatory overhang remains a drag that analysts say is not yet reflected in the valuation. If Berlin’s carve-out initiative succeeds, Siemens gains room for faster product cycles in AI-driven automation. If it fails, the company will have to navigate a stricter compliance regime while US competitors — Microsoft alone is pouring $18 billion into Australian AI infrastructure — continue to invest without equivalent constraints.
What May Bring Clarity
The May vote on the Tech Sovereignty Package will be the first major test. A win for the German position would signal that Brussels is willing to differentiate between general-purpose AI and industrial applications, giving Siemens and its peers a clearer runway. A defeat would mean the company must adapt to a uniform set of rules that its leadership considers overly burdensome for manufacturing use cases.
Either way, the cybersecurity business is already delivering. The NIS-2 directive has turned regulatory compliance into a recurring revenue stream, and Siemens is moving quickly to own the niche. The company is effectively hedging its bets: fighting one set of rules while profiting from another. For investors, the question is which side of the regulatory coin will ultimately prove more valuable.
Ad
Siemens Stock: Buy or Sell?! New Siemens Analysis from April 24 delivers the answer:
The latest Siemens figures speak for themselves: Urgent action needed for Siemens investors. Is it worth buying or should you sell? Find out what to do now in the current free analysis from April 24.
Siemens: Buy or sell? Read more here...
