What is NIS2?

NIS2 (Network and Information Systems Directive 2) is an EU directive introducing common cybersecurity standards across member states. Its main goal is to strengthen the resilience of IT systems, protect critical infrastructure, and ensure better readiness against cyberattacks.

Key Changes

1. Broader Scope

New categories are introduced – essential and important entities. These cover organizations in energy, transport, banking, healthcare, and digital infrastructure. Classification depends on company size and service significance.

2. Stricter Risk Management

Organizations must apply technical and organizational measures, including 24/7 monitoring and timely incident reporting. This improves coordination and speeds up response to threats.

3. EU-CyCLONe Network

A European crisis management structure allowing member states to share data and act jointly in large-scale incidents.

4. Unified Reporting

Standardized reporting formats reduce bureaucracy and ease communication with EU and national institutions.

Legislative Process

The draft law was open for consultation until August 3, 2024, approved by the Council of Ministers on December 11, 2024, and adopted at first reading on February 20, 2025. Final approval is expected soon.

Impact on Organizations

With NIS2, many public and private entities will fall under stricter rules. They must:

• develop a clear cybersecurity strategy;
• implement strong IT security measures;
• report incidents quickly and transparently;
• work with trusted partners for SOC/MDR and compliance support.

Compliance will be crucial for protecting critical infrastructure and ensuring a secure digital ecosystem.

Contact Us

Our experts help you prepare for NIS2 – from strategy building to SOC/MDR implementation. Get in touch to ensure compliance and resilience.