NIS 2 Directive:
Greater security for
Europe's cyberspace.
The NIS 2 Directive expands the 2016 NIS Directive to cover more industries and sectors. The goal: a unified level of cybersecurity across the EU. Here are the key points summarised for you.
NIS 2: Who is affected?
The previous NIS Directive focused on critical infrastructure companies. With the updated NIS 2 Directive, a significantly larger number of companies are now required to comply. This aims to address the growing threats in the digital space. The following sectors, among others, are affected by NIS 2:
• Financial market infrastructure
• Transport
• Energy
• Healthcare
Why is taking action so important?
4,000
cyberattacks occur daily across Germany.
~ 30,000
companies are affected by NIS 2.
60 %
are still not NIS 2 compliant.
Up to €10 million
in fines for non-compliance.
Are you ready for NIS 2?
Find out which companies and business sizes are affected, along with concrete recommendations for action, in our free whitepaper.
Knowledge to go.
Webinar: NIS 2 – The countdown is on
In this expert talk, Prof. Dr. Dennis-Kenji Kipker, IT law expert and founder of the cyberintelligence.institute, and Ari Albertini, CEO of FTAPI, provide in-depth insights into NIS 2 and practical advice on what steps to take next. You'll also learn why there’s no need to panic or rush into hasty measures.
Please note: The webinar took place in April 2024, so some information may be outdated.
Webinar: Secure data exchange in compliance with NIS-2
NIS-2 presents new challenges for businesses, particularly in secure data exchange. Our experts, Björn Röckle and Wiktor Nisnewitsch, will guide you through the essential measures required under the NIS-2 directive to ensure compliant and efficient data exchange. Additionally, the video provides practical insights into how FTAPI can support you in implementing NIS-2 requirements.
The webinar took place on 11 March 2025.
Implement NIS 2 measures
with FTAPI.
Verified and certified security for your data.
Frequently asked questions.
In addition to belonging to a specific group (critical infrastructure, highly important entities, or important entities), companies must also operate in sectors classified as critical.
As of now, municipalities are excluded from NIS 2 based on a decision by the IT Planning Council. However, they are increasingly targeted by cyberattacks and should urgently address cybersecurity—regardless of NIS 2 compliance.
There is no single solution for achieving NIS 2 compliance. The first step should be a comprehensive risk assessment to identify vulnerabilities and derive appropriate measures to mitigate risks effectively.
Since NIS 2 is an EU directive, the same conditions apply across the entire EU, including Austria. Switzerland, however, is not an EU member. Nevertheless, due to close economic ties between Switzerland and the EU—particularly in trade—the NIS 2 Directive is likely to have an indirect impact on Swiss organisations.
Discover more.
Blog
NIS 2: Strengthening cybersecurity in the European Union
Why the tightened NIS Directive is a wake-up call for digital security across Europe.
Product
SecuMails: Secure emails made easier than ever
Send encrypted emails with just one click—directly from Outlook or your browser.
Blog
Supply Chain Act puts companies under obligation
Discover how the Supply Chain Act can be a chance for more efficient processes.
Blog
No matter when – NIS 2 is coming: Why to act now
Find out why preparing for NIS 2 is not optional but a necessity for businesses.