The NIS2 Directive, adopted by the European Union in November 2022, builds on the original 2016 NIS Directive with the aim of strengthening cybersecurity across Europe. It broadens the range of covered sectors and entities by redefining and expanding categories to include more Essential and Important Entities. NIS2 introduces stronger requirements for governance, risk management, incident reporting, and enforcement, including higher penalties for noncompliance. While its scope and oversight are expanded, the directive largely retains the same core technical cybersecurity principles, focusing on improving resilience, accountability, and consistency across critical and digital services.

Join for free to read