What is NIS2?
Confused about NIS2? Here’s the basics.
What Is The NIS2 Directive?
Introduced in 2020, and recently coming into effect on January 16, 2023, the NIS2 Directive is a continuation and expansion of the previous EU cybersecurity directive, NIS. It was proposed by the European Commission to build upon and rectify the deficiencies of the original NIS directive.
NIS2 aims to enhance the security of network and information systems within the EU by requiring operators of critical infrastructure and essential services to implement appropriate security measures and report any incidents to the relevant authorities.
Compared to NIS, NIS2 expands its EU-wide security requirements and scope of covered organizations and sectors to improve the security of supply chains, simplify reporting obligations, and enforce more stringent measures and sanctions throughout Europe.
What Does NIS2 Stand For?
NIS2 stands for “Network and Information Security Directive”.
NIS2 Becomes Law in 2024
Member States have until October 17, 2024 to transpose the Directive into national law. This means that each organization encompassed by the Directive will be legally obligated to live up to its requirements by Q4 2024.
The Original NIS
The original NIS Directive also aimed to enhance the cybersecurity level of EU member states, however, its implementation faced challenges and resulted in inconsistent efforts across the Union. In light of the rising cyber threats, the EU commission proposed NIS2 as a replacement.
You Need To Be Fully NIS2 Compliant In:
Time is running out to comply with NIS2 regulations. Starting your compliance journey sooner rather than later is crucial.
A typical NIS2 compliance process, including security assessments, auditing, consulting, and tool implementation, takes approximately 12 months.
For practical advice on how to comply with the requirements, check out our NIS2 white paper.