Compliance · NIS2

NIS2

The EU directive expanding baseline cybersecurity and incident-reporting duties to far more “essential” and “important” organisations.

Book a call Take the 2-minute readiness check
A person signing a document at a desk
01

What it is

Baseline duties, broader reach, real accountability.

NIS2 raises baseline security expectations and adds management accountability, risk-management measures, incident-reporting timelines and supply-chain security duties.

It is transposed into each member state’s law, and UK organisations with EU operations can inherit obligations through their counterparties.

02

Who needs it

Essential and important entities, and their suppliers.

Organisations in the directive’s covered sectors, plus suppliers pulled in through supply-chain security requirements.

03

How we help

Scope it, govern it, evidence it.

  • Determine whether and how you are in scope
  • Put governance and risk-management measures in place
  • Build incident-reporting readiness against the required timelines
  • Strengthen supply-chain security and keep the evidence current

Unsure if NIS2 applies to you?

We’ll help you determine scope first, then map the shortest route to meeting it.

Book a call