The aim of NIS2 is to better protect critical sectors and essential services from digital threats such as cyberattacks. By implementing the directive, resilience, responsiveness and overall level of protection of critical infrastructures are expected to improve significantly. Given the extensive changes, it is crucial for companies to take action early in order to meet the new requirements and secure their digital infrastructure in a sustainable way.
The NIS2 Directive was already published in 2022. EU member states have until October 18, 2024 to transpose it into national law – a clear timeline that puts companies under pressure. The directive introduces binding legal requirements that demand concrete measures to secure systems and networks.
From our perspective, NIS2 marks a milestone for European cybersecurity. It defines clear standards for risk assessment, technical and organizational security measures, as well as for responding to security incidents. In the future, violations will be sanctioned more consistently through. significantly higher fines .
A central element is the new size‑cap rule, which establishes a uniform logic for identifying affected companies. Other key components include comprehensive cybersecurity risk management, state‑of‑the‑art security measures and mandatory incident reporting within 24 hours of an incident.
With suitable management systems , these requirements can be implemented efficiently. They help minimize risks, control processes, and ensure that business objectives are achieved securely.
We are happy to support companies on a non‑binding basis in assessing their current security risk or evaluating suitable software solutions.
