Is your company required
to comply with NIS2?
Find out in 2 minutes.
The NIS2 Directive requires thousands of European companies to implement cybersecurity measures — with fines of up to €10 million for non-compliance. Answer four questions and we'll tell you if you're affected.
Four questions.
Instant result.
Based on the NIS2 Directive and its national transpositions. The result is indicative — complex cases require specific analysis.
Good intentions
aren't enough.
Affected companies must implement technical and organisational cybersecurity measures and demonstrate that they have them. It's not enough to say you work carefully — you need it documented, audited, and you must notify serious incidents within 24 hours.
Responsibility falls directly on management. Boards of directors and CEOs of essential entities can be temporarily disqualified if negligence is demonstrated.
- Cybersecurity risk management — documented policies, procedures and technical controls
- Incident notification — alert within 24 hours, full report within 72 hours
- Supply chain security — require security requirements from critical suppliers
- Management training — governing bodies must understand and supervise compliance
- Business continuity and recovery plans for serious incidents
- Fines of up to €10 million or 2% of global annual turnover
You're affected and don't know where to start?
Tell us your situation. An engineer will explain the specific obligations your company has and what would need to be done to meet them.