nis2 directive compliance

NIS2 Directive Compliance

Meeting the Cybersecurity Requirements of the NIS2 Directive

The Directive (EU) 2022/2555 of the European Parliament and of the Council – also known as the NIS2 Directive (Network and Information Systems Directive) – is a regulatory framework to raise the level of cybersecurity of networks and information systems across the EU, and was announced in December 2022.

Its predecessor, the 2016 NIS Directive (Directive (EU) 2016/1148 of the European Parliament and of the Council), already required certain industries to take appropriate measures for their cybersecurity and incident reporting.

What’s new in NIS2:

  • The broader scope of sectors
  • Stronger and more explicit cybersecurity obligations
  • Includes more governance and accountability for organizations  cybersecurity
  • Addresses cybersecurity of the supply chain and third parties
  • Includes cyber incident reporting requirements

The full text of the Directive can be found here

Redefining the importance of cybersecurity in the EU

With the NIS2 Directive, the EU Parliament aims to increase the level of cyber resilience. They identified an inconsistent level of resilience across the Member States and sectors, as well as a lack of common understanding of the main threats and challenges, and a shortcoming of common crisis response. Therefore, the revised Directive incorporates legal measures to increase the overall cybersecurity level in the EU and shall be transposed into national law.

When will the NIS2 Directive enter into force?

It is planned that the NIS2 Directive will be transposed into national law across EU Member States on 18 October 2024.

Who will be affected by the NIS2 Directive?

The measures will be applicable to all entities which (i) provide their services or carry out their activities in the EU, and (ii) match the description of either an “essential” or an “important” entity in a defined list of sectors. 

The NIS2 Directive includes entities of high criticality, such as:

  • Energy
  • Transport
  • Banking
  • Financial market institutions
  • Health
  • Public administration

And more; see the full list of sectors here

How Utimaco’s cybersecurity solutions help you comply with the NIS2 Directive

Utimaco supports and welcomes the NIS2 Directive. Our cybersecurity solutions help you in preparing to meet the cybersecurity-related requirements defined in Article 21 of the NIS2 Directive. 

Among others, these include the following measures:

  • Supply chain security
  • […] the use of cryptography and, where appropriate, encryption
nis2 directive compliance


NIS2 highlights the importance of cryptography 

Cryptography has been in our DNA for over 40 years. Our hardware security modules enable organizations to implement cryptographic security for a wide range of business applications. In addition to this, we offer key management, encryption software, and Public Key Infrastructure for a complete (data) protection portfolio. 

We enable organizations to build a trusted cybersecurity infrastructure in compliance with NIS2. Comply with NIS2 - and the upcoming federal laws - with a focus on:

Data Protection
Protect sensitive personal and organizational data – regardless of the storage location. 

Trusted Processes
Establish trust throughout your supply chain with identity management and continuous auditing of all involved entities.

Cryptography and Encryption
Implement additional cryptographic operations as needed, based on your infrastructure.



How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.





      Download via e-mail