
NIS 2 – Straight to the Point
The Essentials at a Glance

Your quick overview of the NIS 2 Directive and what it means for your business. Learn everything you need to know about the regulation.

NIS 2: Securing Europe’s IT Networks

The NIS 2 Directive (“The Network and Information Security Directive”) governs cybersecurity and information security for companies and institutions across the EU. It came into force in January 2023.

By October 2024, EU Member States must transpose this directive into national law. In Germany, a draft law has been in place since July 2023, known as the NIS-2 Implementation and Cybersecurity Strengthening Act (NIS-2UmsuCG).

Beyond Critical Infrastructure – Who the Directive Applies To

The NIS 2 Directive applies to organizations far beyond the scope of the KRITIS requirements. It introduces two main categories of affected organizations: “Essential Entities” and “Important Entities”. The main difference lies in the scale of penalties for non-compliance.

In general: If your organization falls under one of the following categories and meets the thresholds of more than 50 employees and an annual turnover exceeding €10 million, compliance with the NIS 2 Directive is mandatory.

What Are the Consequences of Non-Compliance?

  • Companies that fail to implement the required measures face hefty fines (§ 65 NIS-2UmsuCG).
  • Regulatory authorities have oversight and enforcement powers with strict deadlines.
  • There is also personal liability for executive management (§ 38, § 61 NIS-2UmsuCG).

Essential Entities

  • Energy
  • Air, rail, road and water transport
  • Banking/Finance
  • Healthcare
  • Water
  • Digital infrastructure and IT services
  • Public administration
  • Space

Important Entities

  • Postal and courier service providers
  • Waste management
  • Chemical products
  • Food
  • Manufacturers
  • Digital providers
  • Research institutions

NIS 2 Check: See if You’re Affected
and Plan Your Next Steps with Cybersense

Not sure whether your organization falls under the NIS 2 Directive? No problem – we’re here to help.
Use the test provided by the Federal Office for Information Security (BSI) to find out quickly and easily.

Our goal is to make your path to NIS 2 compliance as smooth as possible. The test will give you clarity – and we’ll be there to guide you through the next steps.

Let’s work together to make sure you’re fully prepared!

Free eGuide

NIS 2 Requirements for Your Organization at a Glance

With a Practical 8-Step Plan

In this eGuide, you’ll learn…

... exactly what the NIS 2 Directive covers and requires from businesses

... the severe consequences of inadequate cybersecurity

... how to quickly check whether your organization is affected

... how to implement the NIS 2 Directive in 8 practical steps

Download your free eGuide now

This practical 8-step plan will help you successfully meet the requirements of the NIS 2 Directive and take your cybersecurity to the next level.

Are you ready for NIS 2? Protect your business.
Request a consultation with our experts today.

Your contact
Michael Pütz

Contact us now