The NIS2 directive

NIS2 Directive: an upgraded EU cybersecurity framework

The NIS2 Directive, also known as the new version of the Network and Information Security Directive, is a European directive aimed at strengthening cybersecurity in the European Union (EU). The directive is designed to help organizations protect themselves against cyber threats and to ensure that the EU’s critical infrastructure is more secure and robust.

Is your organization medium or large and active in one of the (very) critical sectors such as energy, transport, health and digital infrastructure? Then this new legislation from the EU can have a lot of impact on the requirements for cybersecurity within your organization.

Timeline for compliance

The Directive entered into force on 16 January 2023. EU states now have 21 months - until 17 October 2024 - to integrate the provisions of the directive into local legislation.

Risk management and collaboration

But how will this revised directive ensure better cyber resilience? NIS2 tries to improve the level of cybersecurity within EU member states in various ways. The directive introduces an all-hazards set of cybersecurity risk management measures, stricter governance, extensive reporting obligations, personal liability of management, supported by supervisory and enforcement measures of supervisory authorities aiming for a harmonized approach across all EU member states. The importance of information sharing and (inter)national cooperation in the field of crisis management is crucial in this regard.

Your cybersecurity partners

We can help you interpret how NIS2 will impact your business and implement pragmatic strategies for compliance. We find innovative ways to simplify complexity, bring greater administrative ease, and future-proof your business.

For more details on how NIS2 will impact your organization, you can find further materials on the subject below.