Everything You Need To Know About The NIS2 Directive
The NIS2 Directive came into force on a European basis since January 16, 2023, introducing mandatory security measures and reporting obligations.
It sets out minimum requirements for cybersecurity. It is intended to help standardize the level of cybersecurity in The European Union and strengthen international cooperation in the fight against cyberattacks. The EU member states must transpose the directive into national law by October 2024.
The date for the implementation of the NIS2 into the national NIS2 UmsuCG is questionable. Regardless of this, companies are well advised to implement the minimum requirements in accordance with Art. 21 of NIS2 as soon as possible.
In Germany, around 30,000 companies are affected by this directive, which entails new obligations.
How we help you
Get "NIS2 Ready" With Us
Step
NIS2 Check
Together we check whether your company is affected by the NIS2 directive or not.
Step
Gap Analysis & Diagnostic
Together we will analyze your cybersecurity infrastructure, compare it to NIS2 guidelines, help you plan necessary measures, and create a timetable for your NIS2 readiness.
Step
Tendering & Implementation Support
To reach the NIS2 readiness, we accompany you with the tendering and implementation of the right cybersecurity measurements.
Not Sure If You Are Affected By The NIS2 Directive?
Have you previously been a critical infrastructure operator (KRITIS)?
If your company is already classified as KRITIS according to BSIG, it will automatically be affected by NIS2, as these are defined as a separate category in the directive.
Question No. 2
Are you one of the sectors affected?
Companies with at least 50 employees and an annual turnover of at least €10 million that fall into one of the affected sectors are affected by NIS2. This includes both public and private institutions.
Question No. 3
Does your company meet the defined thresholds for company size and count as a highly critical according to annex I or critical sector according to annex II?
Question No. 4
Are you one of the special cases?
Some specific cases of particularly important entities, such as qualified trust services, TLD registries and DNS services, are affected by the NIS2 Directive regardless of their size.