The NIS2 directive

As the cyber threat increases and information systems remain partly vulnerable, the NIS 2 directive (Network and Information Security), published in the Official Journal of the European Union in December 2022, represents a unique opportunity. Its implementation will enable thousands of entities that impact the daily lives of citizens to better protect themselves.

What is the NIS2 directive? The NIS2 directive, also known as the directive on the security of networks and information, is a significant legislative text aimed at improving cybersecurity and protecting critical infrastructures in the European Union (EU).

Building on the previous NIS directive, it addresses its shortcomings and expands its scope to enhance security requirements, reporting obligations, and crisis management capabilities. Compliance with the NIS2 directive is crucial for businesses operating in the EU to protect their systems, mitigate cyber threats, and ensure resilience.

The objectives of NIS2 are to strengthen cybersecurity, simplify reporting, and create consistent rules and sanctions across the EU. By expanding its scope, NIS2 requires more businesses and sectors to take cybersecurity measures, ultimately aiming to improve Europe’s cybersecurity in the long term. With stricter rules to overcome previous limitations, NIS2 has an impact on a broader range of industries. Entities subject to the NIS2 standard are classified as essential or important, and the directive outlines security requirements as well as an incident reporting process.

Timeline of the NIS2 directive: