Leadership Brief

EU NIS2 Directive

Every organization needs to take steps to ensure their cyber resilience and this updated directive provides a useful framework for this. This report provides a summary of the technical obligations that NIS2 places on organizations together with recommended actions. This directive places obligations for cyber resilience on more organizations and these need to start planning for this now. KuppingerCole recommends that organizations adopt the concept of a security fabric to support a consistent approach to achieving cyber resilience across the whole range of digital service delivery models.

Mike Small


1 Executive Summary

The EU NIS Directive (EU 2016/1148) which was aimed at achieving a common standard of network and information security across all EU Member States, is scheduled for an update. The objective of this update is to improve cyber resilience and it extends the range of organizations included within its scope. Organizations need to check whether they will be included and the changes that are coming so that they can plan to comply with their new obligations. This report provides an overview of the technical requirements from the updated directive and recommendations for the actions that organizations should take to prepare.

Since the NIS Directive was adopted in 2016, everyday life has become more dependent on network delivered digital systems. This digital transformation has expanded the cybersecurity attack surface and hence increased the potential impact of cyber threats. The updated NIS2 Directive responds to these challenges by building on and widening the scope of the existing NIS directive. The intent being to increase the cyber resilience of the EU and EU organizations through a variety of means including improving the cyber hygiene of organizations operating within the EU.

KuppingerCole recommends that organizations adopt the concept of a security fabric to support a consistent approach to cyber security and to compliance with the multiple laws and regulations that apply across the various delivery models (on premises, managed services, and cloud.

Full article is available for registered users with free trial access or paid subscription.

Register and read on!

Sign up for the Professional or Specialist Subscription Packages to access the entire body of the KuppingerCole research library consisting of 700+ articles.

I have an account
Log in  
Register your account to start 30 days of free trial access
Subscribe to become a client
Choose a package