Question 1

What is a NIS2 readiness assessment?

Accepted Answer

A NIS2 readiness assessment evaluates how prepared your organization is to comply with the EU NIS2 Directive (2022/2555). It covers key areas like cybersecurity governance, risk management, incident reporting, supply chain security, and technical security measures.

Question 2

Who needs to comply with NIS2?

Accepted Answer

NIS2 applies to essential entities (energy, transport, health, banking, digital infrastructure) and important entities (postal services, waste management, manufacturing, food, digital providers) with 50+ employees or €10M+ annual turnover operating in the EU.

Question 3

What are the NIS2 incident reporting deadlines?

Accepted Answer

NIS2 requires a 24-hour early warning to CSIRT/competent authority, a 72-hour incident notification with initial assessment, and a final report within one month of the incident notification.

Before you go...