top of page
< Back

NIS 2 Directive



As of: 

January 2023




EU Commission

Applicable to: 

Multi-sector, Critical infrastructure sectors, including energy, transportation, banking, health, water supply, and digital infrastructure


Building upon the original NIS Directive (Directive (EU) 2016/1148), the NIS 2 Directive aims to enhance the resilience of network and information systems (NIS) by introducing additional requirements, mechanisms, and cooperation measures to address evolving cybersecurity threats and challenges. The directive focuses on critical sectors and essential services, requiring operators of essential services (OES) and digital service providers (DSPs) to implement robust cybersecurity measures, incident response capabilities, risk management practices, and reporting obligations. Thus, it expands the scope of previous NIS regulations to cover more sectors and imposes stricter security requirements.

bottom of page