Glossary
NIS2
The EU directive that sets cybersecurity requirements for critical infrastructure operators.
Definition
NIS2 (Network and Information Security Directive 2) is a European Union cybersecurity directive that came into force in January 2023, requiring national transposition by October 2024. It significantly expands the scope of its predecessor by covering more sectors and imposing stricter security requirements, incident reporting obligations, and supply chain security measures.
Why it matters
NIS2 applies to a much wider range of organizations than NIS1, including mid-sized companies in energy, transport, logistics, healthcare, and digital infrastructure. Non-compliance can result in fines of up to 10 million euros or 2 percent of global turnover. Many organizations are still unaware they fall within scope.
Our take
NIS2 compliance is part of how we architect cloud infrastructure by default. EU data residency, documented security controls, and incident response processes are built in from the start, not added as an afterthought.
Relevant services
Relevant sectors
Related terms