NIS2 - European Union Cybersecurity Directive
The aim of the NIS2 Directive is to ensure a common level of cyber security in the whole European Union.
The EU Network and Information Security Directive (NIS Directive) lays down regulations on information security obligations and incident reporting for many different sectors. The new Revised Directive on Security of Network and Information Systems (NIS2 Directive) replaces the previous Network and Information Security Directive.
The aim of the NIS2 Directive is to boost both the overall level of cyber security in the EU and the level of the national cyber security of Member States for certain critical sectors.
The Directive imposes risk management obligations intended to boost cyber security and an obligation to report significant incidents on the critical sectors of society. The Directive also lists minimum measures that all operators must implement to manage the cyber security risks posed to their operations.
Important information on the NIS2 Directive
- To whom does the Directive apply? (External link)
- What requirements does the NIS Directive impose? (External link)
- How to report significant incidents? (External link)
- Voluntary reporting to the National Cyber Security Centre Finland of Traficom (External link)
- How to prepare for the cyber security risk management requirements of the Directive? (External link)