There are now just 12 months to go until the European Union’s Network and Information Security 2 (NIS2) directive goes live on October 18th 2024. NIS2 will serve as an extensive update to the original NIS directive (published in 2016), with the goal of strengthening cybersecurity measures across EU firms.
NIS2 addresses the increasing cyber threats and vulnerabilities by setting out measures to ensure a high common level of network and information security. It expands the scope of entities covered, including more sectors like public administrations and medium-sized enterprises. The directive emphasises the importance of risk management and introduces stricter supervisory measures for national authorities. It also mandates incident reporting to relevant national authorities, with the aim of ensuring timely and effective responses to cyber threats.
NIS2 is also designed to promote cooperation among member states through the establishment of a Cooperation Group and a Computer Security Incident Response Teams (CSIRTs) network, sharing information, best practices, and strategies to tackle cross-border cyber threats.
Full details available here.