Report 18 Sep 2023

Expert View: How to Prepare for NIS2

NIS2 is the successor of the 2016 EU NIS directive. It defines minimum requirements for the cybersecurity of critical infrastructures in the EU according to uniform criteria. The aim is to (better) protect organizations and critical infrastructures from cyberthreats and to increase the Europe-wide level of cybersecurity. This directive has to be implemented by the end of 2024. It applies to companies and organizations with at least 50 employees and/or an annual turnover of EUR 10 million, as well as to any sole provider of a service within a country that contributes significantly to maintaining activities that are critical to society or the economy. Does NIS2 apply to your organization? Who is responsible? What requirements do you have to meet? Is business continuity secured? And finally, are appropriate reporting procedures in place?