Skip to main content
Glossary

NIS2

The EU Network and Information Security Directive 2, which significantly expands cybersecurity obligations for essential and important entities across the European Union. NIS2 introduces stricter requirements, broader scope, and personal accountability for management.

Why it matters

NIS2 is the most significant expansion of EU cybersecurity regulation to date. It applies to far more sectors and organizations than its predecessor, includes supply chain security requirements, mandates 24-hour incident notification, and holds management personally liable for compliance failures. Organizations that already have ISO 27001 have a head start, but NIS2 adds specific obligations around incident reporting, business continuity, and supply chain oversight that go beyond what voluntary frameworks require.

In practice

NIS2 compliance requires risk-based security measures, incident detection and reporting capabilities, business continuity planning, supply chain security assessment, and regular security testing. Member states transpose the directive into national law, so specific requirements vary. In vucavoid, NIS2 requirements can be tracked through baselines, with controls mapped to each obligation. Incident response tracking meets notification timeline requirements, and third-party risk management addresses supply chain provisions.

Related terms

Regulatory Compliance

Adhering to laws and government-mandated requirements. Unlike voluntary frameworks, this is not optional.

Incident Response

The organized approach to detecting, containing, and recovering from security incidents.

Cookie Use on Our Site

To ensure the smooth functioning of our website, we use a limited number of cookies. These cookies are essential for providing you with the services available on our website and to use some of its features. Here is a brief overview:
  • vucavoid_session: This cookie is essential for user authentication. It ensures that your session is secure and recognizes you as you navigate through our site.
  • XSRF-TOKEN: This cookie is critical for website security. It helps protect against cross-site request forgery attacks.
  • latest_marketing_banner_visible_{MARKETING_BANNER_ID}: This cookie simply remembers if you have seen our latest site banner, enhancing your browsing experience without tracking your personal data.

These cookies are strictly necessary to deliver the website, and therefore, we do not require your consent to place these cookies. For more information, please visit our Privacy Policy.