NIS2

Mandatory European Directive by 17 October 2024

What is NIS2?

The NIS2 (Network and Information Security Directive 2) is a European Union directive created to strengthen cybersecurity in member states, focusing on combating increasingly frequent and sophisticated cyber threats. This directive is an evolution of NIS1, necessary for more effective prevention against cyberattacks and enhanced protection of critical infrastructures and essential services of companies.

  • Increased Cyber Resilience.
  • Enhanced Capacity for Responding to Security Incidents.
  • Increased Rigour in Cybersecurity Requirements.
  • Greater Collaboration and Information Sharing among EU Member States.

What is the deadline for NIS2?

Your company has until October 17, 2024 to comply with NIS2. Implementing the new measures is crucial to ensure the protection of your company against cyberattacks, which have been increasing on a large scale.

Why does my company need NIS2?

There are 18 sectors that are required to comply with NIS2, divided into two groups: Essential Entities and Important Entities.

Essential Entities:

  • Energy
  • Transport
  • Banking
  • Financial Market Infrastructures
  • Health Sector
  • Drinking Water
  • Wastewater
  • Digital Infrastructure
  • ICT Service Management
  • Public Administration
  • Space

Important Entities:

  • Postal and Courier Services
  • Waste Management
  • Manufacturing, Production and Distribution of Chemical Products
  • Food Production, Processing and Distribution
  • Manufacturing Industry
  • Digital Providers
  • Research

Non-compliance with NIS2 can lead to severe fines.

For Essential Entities, the maximum fine is €10,000,000 or 2% of the company's worldwide annual turnover, whichever is higher.

For Important Entities, the maximum fine is €7,000,000 or 1.4% of the company's worldwide annual turnover, whichever is higher.

These sanctions aim to ensure the effectiveness of this regulation.

NIS2 Implementation Steps

Assessment of Regulatory Requirements

Identification of requirements where the organization is not in compliance

Training

Training and awareness-raising of those responsible for critical areas

Workshops & Follow-ups

Tailored to the content of documents and tools used, adapting to the company's context

Monitoring & Process Review

Assessment of the organisation's compliance level at different stages

Project Closure

Project closure with a joint celebration and discussion of potential next steps

Benefits

What are the benefits of implementing NIS2 in your company?

Protection of Infrastructures

Protection of essential services against cyber threats, preventing hefty fines imposed by the European Union and financial losses resulting from cyberattacks.

Improves Company Reputation

Protects sensitive data against breaches and unauthorized access. Ensures the trust of your stakeholders.

Rapid Responses

Demonstrates a commitment to operational excellence and security, standing out in the market.

Sharing with EU Member States

Promotes the sharing of information on threats and best practices among EU Member States, creating a collaborative approach to cybersecurity.

Testimonials

What our customers say.

InnoWave joins the select group of international companies with ISO 27001 & GDPR certification with the support of Strongstep.

FAQs

NIS2 applies to companies in sectors such as energy, transport, health, public administration, digital infrastructure, finance, and others. Essential entities are those with 250 or more employees and a turnover of €50 million or more. Important entities have more than 50 employees and a turnover of €10 million or more.

Entities that do not comply with NIS2 may face significant fines:

  • Essential Entities: up to €10 million or 2% of the global annual turnover.
  • Important Entities: up to €7 million or 1.4% of the global annual turnover.

Additionally, other administrative sanctions may be imposed, such as orders to implement security audit recommendations.

NIS2 requires that significant cyber incidents be reported to the competent national authorities within 24 to 72 hours of detection, with a final report to be submitted one month after the incident notification.

  • Improvement of Cyber Resilience: Greater protection against cyberattacks.
  • Harmonisation of Standards: Consistency in cybersecurity practices across the EU.
  • Protection of Critical Infrastructure: Specific measures for essential sectors.
  • Cooperation and Information Sharing: Greater collaboration between member states and between the public and private sectors.
