NIS2 Directive

NIS2 is the European Union's directive on a high common level of cybersecurity. It widens the scope of the original NIS Directive to many more sectors and introduces stricter requirements for risk management, supply chain security, and incident reporting.

It places direct accountability on management bodies and sets short reporting deadlines for significant incidents. Member states transpose NIS2 into national law, so exact obligations depend on the country.