NIS2: What companies can expect now — and how you can prepare yourself effectively

With NIS2, the topic of IT security is becoming mandatory for many companies for the first time. Many already know that changes are imminent — but often not what specific measures are necessary.

What is behind NIS2

The NIS2 Directive significantly expands the previous IT security requirements.

Objectives of the Directive:

• Higher safety standards
• Clear responsibilities
• Mandatory reporting requirements

Who is affected

In addition to critical infrastructures, many medium-sized companies are now also affected.

Typical areas:

• healthcare
• IT service provider
• industry
• Public institutions

What is specifically required

Among other things, companies must:

• Evaluate risks
• Implement safety measures
• Report incidents
• Documenting processes

Where many are currently

In practice, there is often no such thing as:

• Clear documentation
• Structured security strategy
• Defined responsibilities
• Up to date technical protection

How companies should start now

A useful start consists of:

• Current IT analysis
• Assessment of existing risks
• Prioritize key measures
• Step-by-step implementation

conclusion

NIS2 is not a one-time project, but an ongoing process.

CTA

Would you like to know whether your company is affected and what specific measures are required?

We support you with analysis, planning and implementation.

‍