NIS 2 Directive

Building upon the original NIS Directive (Directive (EU) 2016/1148), the NIS 2 Directive aims to enhance the resilience of network and information systems (NIS) by introducing additional requirements, mechanisms, and cooperation measures to address evolving cybersecurity threats and challenges. The directive focuses on critical sectors and essential services, requiring operators of essential services (OES) and digital service providers (DSPs) to implement robust cybersecurity measures, incident response capabilities, risk management practices, and reporting obligations. Thus, it expands the scope of previous NIS regulations to cover more sectors and imposes stricter security requirements.