Get ready for the NIS2 directive

NIS2 is the European cybersecurity directive that requires obligated entities to enhance cybersecurity within the EU.
The directive requires security measures to be in place by October 17, 2024.

Why you shouldn't wait

Set up a compliance plan for the directive now: avoid heavy penalties and seize all the opportunities for your company.

  • Risks and penalties

    Large fines, revocation of company certification and personal liability of board members, with consequent impacts on reputation and business continuity, are expected in the event of noncompliance.

    Essential Entities

    • Up to 10 million euros or 2% of turnover

    Important Entities

    • Up to 7 million euros or 1.4% of turnover
  • Benefits

    A NIS2 compliant business is more secure, reliable and attractive in the market. Compliance with NIS2 is a driver of growth and competitiveness for your business.

    • Lower the risk of data breach and loss
    • Improve reputation among customers and partners
    • Gain access to new markets and customers
    • Make processes more efficient and reduce costs

Which companies are involved?

NIS2 classifies organizations into Essential Entities and Important Entities, based on the criticality of their industry and the size of the company.

Highly critical sectors

  • Energy
  • Transportation
  • Healthcare
  • Public administration
  • Banking and finance
  • Digital infrastructure
  • Water supply
  • Aerospace

Critical sectors

  • Digital service providers
  • Food
  • Post and couriers
  • Research
  • Chemicals
  • Manufacturing industry
  • Waste management

What to do today

Is your company subject to the directive?

Contact us to verify if you fall within the scope of NIS2.
We will support you on the path to compliance through a strategic and operational approach tailored to your business.

How to become compliant with NIS2

Know the path to comply with the directive: four operational and strategic steps adaptable for your business.

01

Training

Together with the Corporate Board we clarify what the actual scope of NIS2 is and define the perimeter to be protected.

  • Advice on the actual area of application of the directive and definition of the perimeter to be protected
  • Introduction to the Board on the obligations and penalties involved
  • Training of staff and management on the new responsibilities, obligations, and opportunities

02

Gap Analysis

We assess the level of compliance with the measures required by NIS2 and jointly define all necessary actions.

  • Cyber Risk Assessment
  • Assessment of the level of compliance
  • IT and OT infrastructure security analysis
  • Gap analysis report and critical issues detected
  • Definition of corrective Action Plan

03

Implementation and measures

We implement the corrective measures defined during the Gap Analysis and conduct awareness and training for the Board, employees and corporate suppliers.

  • Implementation of mandatory measures
  • Supply chain security
  • Definition of Security Policy
  • Awareness and Training

04

Continuous security

In this last phase we define the most effective preventive measures for continuous improvement of Security Posture & Governance.

  • Continuous security testing
  • Cyber threat intelligence
  • Adoption of preventive measures

Take a step toward a safer future

Contact us to schedule an appointment to comply with the upcoming directive.
