NIS2 - European Union Cybersecurity Directive

Obligations under the NIS 2 Directive entered into force 8 April 2025

• Check the Cybersecurity Act and the Information Management Act to determine whether your organisation is a NIS 2 entity. For advice, you can contact the supervisory authority of your sector.
• Register for the list of entities maintained by the supervisory authority of your sector.
• Implement the cybersecurity risk management procedure. For more information, see Traficom’s recommendation on cybersecurity risk management measures, for example. The recommendation is targeted at the authorities supervising NIS 2 entities, but it also supports the entities in planning their risk management measures.
• Read more about the procedure for notifying significant incidents. You can submit notifications via the NIS 2 incident notification application.
• Read the EU NIS 2 Directive