European NIS2 Directive

Compliance with the European NIS2 Directive

Consult with our experts
Access the webinar (on demand)

European NIS2 Directive

Compliance with the European NIS2 Directive

Consult with our experts
Access the webinar (on demand)

What is NIS2?

The European NIS2 Directive , which came into force on October 18, 2024, seeks to standardize cybersecurity measures at the European level and is mandatory in essential sectors of public and private entities .

These are legal measures (technical, operational, and organizational) that guarantee a high common level of cybersecurity and eliminate significant differences between Member States.

Which entities are affected by NIS2 compliance?

In addition to all sectors under the category of “essential entities” and within the size threshold of “important entities”

  • Public Administration : Public administration with exceptions.
  • Essential entities : Size threshold: varies by sector, but generally 250 employees, annual turnover of €50 million or balance sheet of €43 million.
  • Major Entities : Size threshold: varies by sector, but generally 50 employees, annual turnover of €10 million or balance sheet of €10 million.
  • Supply chain . Companies that provide services to the above.

Compliance Guide

Download the compliance guide to learn the basics of the NIS2 Directive.

Source: Centro Criptológico Nacional 

Scope of application | Public Sector

Download this guide with the scopes of application of the NIS2 in public sector entities.

Source: Centro Criptológico Nacional 

Learn with our experts

How to comply with NIS2,
the new European cybersecurity regulation?

Request the on-demand webinar here , which discusses the obligations imposed on Member States and entities, including risk management measures, monitoring and incident reporting, as well as the importance of information sharing to improve cyber resilience.

Request more information