Get notified when there's news

Want to stay up-to-date? Sign up for our infoupdate. You'll be notified directly when we publish new content that's relevant to you.

I accept


NIS2 IT audit. The NIS1 Directive has not mitigated the cyber threat to the EU to the extent necessary. NIS2 will now remedy that.

What is NIS2 and why is it being introduced?

NIS2 stands for Network and Information Security. It is an extension of the EU directive NIS1 to strengthen cybersecurity in critical sectors in Europe.

NIS1 came into force in 2018. It required public authorities, operators of critical infrastructure (e.g. energy and transportation) and service providers (e.g. e-commerce platforms and social networks) to strengthen cybersecurity efforts. They were also required to report serious security incidents to the authorities.

The cyber threat hasn't diminished

However, it turns out that member states have interpreted and therefore implemented the rules behind NIS1 differently. As a result, the directive has not reduced the cyber threat to the EU to the extent necessary, and NIS2 will now remedy this.

More sectors and more companies

NIS2 sets requirements for governance, risk management, business continuity and reporting to authorities, and the directive has been expanded to include more sectors and thus companies.

An important element is also a tightening of management responsibility. The work with cybersecurity must be anchored in management, and executive boards and boards of directors can face sanctions if they do not meet the requirements.

Want to know more about NIS2?

You can find out more about the new legislation on these pages:

You can read more right here.

You are also welcome to contact us for a no-obligation meeting if you want to know more about cyber security and what the new requirements could mean for your business.

Our services
Employees
140
Customers
3900
Turnover
+150 million
Year of establishment
1986
Growth per year.
10 %

Shortcuts