NIS2 | Summarised

NIS2 | Summarised

The NIS2 Directive strengthens EU cybersecurity by broadening critical sector coverage, improving member state cooperation, and enforcing mandatory incident reporting for swift response and mitigation of cyber threats.

  • Affects all Member States within the European Union
  • Expands the requirements for “cybersecurity” including monitoring and incident management
  • Aims to optimise the level of security between Member States and to strengthen resilience and response to incidents and attacks.
  • Increased and more specified reporting obligations
  • Consequences in case of breaches, sanctions for enforcement
  • Should lead to more effective cooperation and information sharing mechanisms between authorities, entities and Member states.
  • Management of large-scale cybersecurity incidents (EU-Cyclone)
  • European Vulnerability Register

Enters into force on 18th of October 2024 and will be implemented in all member states.

Markus Persson

Managing Director, Cyber & Digital Risk

Karin Pålshammar

Director, Cyber & Digital Risk