What is NIS2?
NIS2 stands for Network and Information Systems Directive 2 and is the EU’s directive for information security. The goal of NIS2 is to strengthen information security for critical services in the EU and EEA areas against increasing threats and cyberattacks.
The NIS2 directive imposes a number of security requirements that Norwegian companies must comply with. These requirements apply from October 2024 in Europe. It is expected that this directive will come into force in Norway during 2025. Companies should aim to become NIS2-compliant quickly if they are to provide critical services in the future.
NIS2 includes, among other things, the following requirements:
- Companies must ensure training and good information flow about cybersecurity.
- Stricter requirements for supplier management and security throughout the supply chain.
- The requirements for incident reporting and handling will be expanded.
- Management must be involved in decisions related to cybersecurity.
The target group for NIS2 is companies and public services that provide critical services. Selected target groups include sectors such as energy, transport, finance, health, drinking water and wastewater, digital infrastructure, public administration, and ICT services.
Companies that want to deliver on contracts in these areas must be NIS2-compliant.
Sicra and NIS2
For Sicra, NIS2 has meant working from an early stage to become NIS2-compliant ourselves. Sicra has already reached the finish line in that regard.
Sicra also offers a CISO-for-hire service. Part of this service includes helping companies become NIS2-compliant.
Related words: Compliance, Incident Reporting, Incident Handling, CISO-for-Hire