NIS2 Consultancy

Ten-day NIS2 Consultancy

What is NIS2?

NIS2 is the European Union's updated Cybersecurity Directive, which aims to improve the security of critical infrastructures and digital services. Compared to the original NIS directive, it covers a broader scope, including healthcare, public administration, and digital infrastructure.
‍
The NIS2 directive introduces stricter compliance requirements and imposes significant fines for non-compliance. Fines could reach up to 2% of a company's annual global revenue or a maximum of 10 million euros, whichever is higher.
‍
The directive aims to ensure the cybersecurity of critical infrastructure and digital services and to force companies to comply with the required standards. The measure also includes faster and more uniform incident reporting across EU member states. For affected companies, compliance is crucial to avoid severe penalties and negative impacts on their reputation.

Who does NIS2 apply to?

NIS2 extends the scope of the previous directive and covers more sectors. The organisations concerned include critical infrastructures such as energy production, transport and healthcare. The new regulation also covers digital service providers such as cloud providers and online marketplace operators. Public services such as water supply and utilities are also covered. NIS2 also affects public and private sector organisations that provide services that are essential for the functioning of society.

Is your business affected?

The answer to this question may seem straightforward at first, but determining whether an organization is subject to NIS2 regulations can be a more complex endeavour. Companies can attempt to answer the question on their own or seek help from cybersecurity experts like ViVeTech.