The EU places cybersecurity as a top directive for 40K businesses in its member states, mandating that companies comply with its new legislation to protect businesses from attacks and breaches.
The Network and Information Systems (NIS2) Directive is an extension of the original NIS Directive published in 2016, which has been adopted by EU member states. It imposes stricter cybersecurity requirements and ensures uniform sanctions across the EU. It came into effect in January 2023 and must be established as law by all member states and submitted to the European Parliament for review by its council by October 2024. This means that, should your company fall within the criteria set by the directive, compliance with the new requirements will be mandatory.
The legislation expands the number of sectors covered by the original legislation to encompass all companies that play a critical role in society. A distinction is made between “essential” and “important” entities within these sectors, with both categories required to comply with stringent security measures. Essential entities are subject to proactive supervision, while important entities are monitored after incidents of non-compliance are reported. The NIS2 Directive significantly expands its scope to cover a wide range of sectors and organizations, impacting approximately 40,000 additional companies across the EU, which will be overseen at a national level by each member state’s respective governing body for cybersecurity.