NIS2 - A Brief Overview

NIS2 is the current EU cybersecurity directive that raises the level of protection for network and information systems in Europe and significantly expands the scope compared to the original NIS directive.

Key Points:

  • Broader Scope: NIS2 affects companies from 18 critical and important sectors such as energy, transport, health, public administration, and digital infrastructure.
  • Mandatory Security Measures: Companies must implement risk and security measures such as vulnerability management, supply chain security, and incident response.
  • Reporting Obligations: Significant security incidents must be reported within 24 hours.
  • Management Liability: Management bears direct responsibility for compliance.
  • Stricter Sanctions: NIS2 provides for significantly higher penalties, comparable to the GDPR.

NIS2 as a Service

condignum NIS2 Solution

The goal is a uniformly high level of cybersecurity in the EU, including resilient digital services and secure supply chains. "NIS(2) Solution" means that companies do not need to build security, risk, and compliance capabilities internally, but receive them as a continuous, structured service. This turns information security into an ongoing process that is professionally managed and transparently governed.

Start

The starting point is the NIS2 Readiness Check.

Results

  • Report on the current status
  • List of open TODOs

Requirements

  • None

Process

  • 4-hour workshop for joint assessment with an accredited Quaste auditor on the condignum platform
  • Generation of the PDF report

Including

  • 3 months of access to the condignum Security Platform