{"id":102393,"date":"2026-04-01T19:30:42","date_gmt":"2026-04-01T17:30:42","guid":{"rendered":"https:\/\/firstcolo.net\/glossar\/nis2-directive\/"},"modified":"2026-05-28T23:26:54","modified_gmt":"2026-05-28T21:26:54","slug":"nis2-directive","status":"publish","type":"glossary","link":"https:\/\/firstcolo.net\/en\/glossary\/nis2-directive\/","title":{"rendered":"NIS2 Directive"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t
\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t

What is the NIS2 Directive?<\/h1>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\tNIS2 (Network and Information Security Directive) is an EU directive that ensures a high common level of cybersecurity across the European Union by establishing stricter security requirements, supervisory measures, and sanctions for companies in critical sectors. \n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

What does the NIS2 Directive state?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

The directive obliges companies to take proactive risk management measures to ensure the security of their network and information systems. This includes not only technical precautions but also organizational processes such as securing the supply chain and structured incident management. The goal is to significantly increase the resilience of the European economy against cyberattacks such as ransomware or espionage. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Who must implement NIS2 and who is affected?\n<\/h2>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

The NIS2 Directive massively expands the circle of affected organizations. In principle, companies are affected if they employ more than 50 people or achieve an annual turnover of over 10 million euros and operate in one of the regulated sectors. The classification is divided into two categories: <\/p>