NIS2 - European Union Cybersecurity Directive
The aim of the NIS2 Directive is to ensure a common level of cyber security in the whole European Union.
Read more about the NIS 2 incident notification form
Incident notification under the NIS 2 Directive
Obligations under the NIS 2 Directive entered into force 8 April 2025
- Check the Cybersecurity Act and the Information Management Act to determine whether your organisation is a NIS 2 entity. For advice, you can contact the supervisory authority of your sector.
- Register for the list of entities maintained by the supervisory authority of your sector.
- Implement the cybersecurity risk management procedure. For more information, see Traficom’s recommendation on cybersecurity risk management measures, for example. The recommendation is targeted at the authorities supervising NIS 2 entities, but it also supports the entities in planning their risk management measures.
- Read more about the procedure for notifying significant incidents. You can submit notifications via the NIS 2 incident notification application.
- Read the EU NIS 2 Directive