The NIS 2 Directive is a set of rules in the European Union (EU) that aims to enhance cybersecurity in key industries. It became effective on January 16th, 2023, and EU member states are required to implement it by October 17, 2024.
Get in touchWho does NIS 2 apply to?
The directive applies to certain entities in specific sectors, and it categorizes them as essential or important entities, both needing to meet the same requirements with differences in supervisory measures and penalties.
Sectors of high criticality
(Essential entities*)
Other critical sectors
(Important entities*)
The cybersecurity requirements include measures related to risk analysis, information system security, incident handling, business continuity, supply chain security, network and information systems acquisition, basic cyber hygiene practices, cybersecurity training, cryptography use, human resources security, access control policies, and asset management.
Non-compliance with the directive can lead to significant fines, reaching up to €10 million or 2% of the worldwide annual turnover for essential entities, and up to €7 million or 1.4% for important entities.
Find out more about the new obligations and what you can do to prepare for them.
Download PDFThis solution map offers a very detailed overview and explains which Kaspersky solutions can help organizations to achieve NIS 2 compliance related to each article of the Directive.
Download NIS 2 Solution Map PDFStart preparing
As a cybersecurity vendor, Kaspersky leverages all of its expertise to help organizations build robust cyber defenses and be compliant with NIS 2. We can support you with our leading solutions and services.