NIS-2 directive

New measures to ensure a high level of cybersecurity in the EU, through compliance with the NIS 2 Directive

A smiling man looks over a monitor at a seated colleague. The scene is partially obscured by plants in the foreground, suggesting a lively and friendly working atmosphere. Bright and natural colors dominate the room.
A modern office with four people at standing desks working intently on their computers. The office is bright and decorated with abstract wall art and plants as a room divider, creating a creative and lively working atmosphere. People are dressed casually and professionally, indicating a relaxed but productive work environment.
kutzschbach_it_consulting_nis2_guideline_2

NIS-2 directive
at a glance

The NIS 2 Directive is an evolution of the original NIS Directive from 2016 and was launched by the EU to strengthen cybersecurity in Europe. It aims to create a uniform level of security for network and information systems and increase resilience to cyberattacks.

Compared to the previous version, NIS-2 extends the scope to additional sectors such as energy, transport, health, digital infrastructure and public administration. In addition, cooperation between EU Member States will be improved in order to respond to cyber incidents more quickly and in a more coordinated manner.

The directive will enter into force once EU member states have implemented it into national law by October 2024. It will thus lay the foundation for greater security across the EU.

Who visites is affected

The NIS 2 directive affects public and private entities in 18 sectors at least 50 employees or one Annual turnover of at least EUR 10 million. Some, such as parts of the digital infrastructure and public administration or KRITIS, are affected regardless of their size.

Even if you don't come directly from NIS-2 Implementation Act, affected business partners or customers may have to request evidence from you as a supplier as part of the required supplier management.

What must you do now

According to NIS-2, you must take at least the following cybersecurity measures to manage the security risks of your information systems and prevent or minimize the consequences of security incidents. This requires the protection of IT systems as well as their physical environment.

The management is responsible for monitoring the implementation of measures and is liable for any violations. In addition, she is obliged to take part in training and to ensure that this is also offered to employees.

Early warning within 24 hours of knowledge:
An early warning is required within 24 hours of the incident becoming known. This includes assessing whether the incident was the result of an illegal or malicious act and whether it has cross-border effects.

Detailed report within 72 hours of knowledge:
A detailed report must be submitted within 72 hours of becoming aware of the incident. This report includes an initial assessment of the security incident, including its severity, impact and, if applicable, indicators of compromise.

Progress/final report one month after notification:
A progress or final report must be submitted one month after the incident is reported. This report contains a detailed description of the incident, information on the nature of the threat, its causes, the remedial measures taken and, if applicable, the cross-border impact.

If NIS-2 applies to you, you must register with the national authority.

Our Solution to the NIS 2 guideline

Our focus is to be at your side as experts and to provide you with comprehensive support on your way to NIS-2 compliance. With our managed service, you receive the comprehensive, worry-free package and are on the safe side.

The right solution

with individual adaptation to your needs

Price on request

A concentrated man with tattoos sits in a modern rocking chair, a laptop on his knees, touching his head as if thinking or seeking a solution. He is dressed casually and is in a bright corner of the office next to a large potted plant that creates a calming atmosphere.

We support you

Our Team of experts for the NIS-2 directive

We would be happy to advise you personally on the NIS 2 directive and create an individual offer that suits your requirements.

NIS 2 Directive – New regulations for a high level of cybersecurity

Find out everything you need to know about the NIS 2 directive and how we support companies in implementing it.

Your direct line to us

We look forward to your inquiry! Simply leave us a message and we will contact you immediately.


Request white paper

Remote Maintenance

So that we can help you most easily via remote maintenance, please download it here Teamviewer program Download and contact our support. 

Our support team will then support you directly in setting up the tool.