Report 21 Oct 2025

Expert View: NIS2 Compliance – High-Level Checklist

The EU’s NIS2 Directive (Directive (EU) 2022/2555) significantly raises cybersecurity standards across 18 critical sectors and digital services. It expands scope, enhances management accountability, introduces risk management measures, and standardizes incident reporting (24-hour warning, 72-hour incident, one-month final report). Member States had to transpose NIS2 by October 17, 2024, with measures starting on October 18, 2024. Enforcement depends on national laws but includes common obligations and penalties of up to €10 million or 2% of global revenues for essential entities. If you operate in the EU or serve EU customers, do assume you are within scope and align your risk management, board oversight, incident reporting, and supplier controls.

Gain access to this document and more

Gain Access

Already have access? Log in.

Wolfgang Schwab

Expert View: NIS2 Compliance – High-Level Checklist

Gain access to this document and more

Related Content

Digital Sustainability Services by Topics & Vertical Sectors - Market Figures - Germany

Software & IT Services - InSight Analysis - Finland

Vertical Sectors - Market Figures - Rest of Eastern Europe

SAP – Vendor Profile – Switzerland

Cloud Consulting & Systems Integration (Cloud C&SI): Vendor Landscape in Germany - InBrief Analysis

Latest Publications report

Free reports & webinars

Expert View: NIS2 Compliance – High-Level Checklist

Gain access to this document and more

Related Content

Digital Sustainability Services by Topics & Vertical Sectors - Market Figures - Germany

Software & IT Services - InSight Analysis - Finland

Vertical Sectors - Market Figures - Rest of Eastern Europe

SAP – Vendor Profile – Switzerland

Cloud Consulting & Systems Integration (Cloud C&SI): Vendor Landscape in Germany - InBrief Analysis

Latest Publications report

Free reports & webinars

See how to make the most of our patform