NIS-2 Directive

Strengthening Cyber Resilience in the EU

Cyber threats are on the rise in the European Union, making cyber resilience more important for businesses than ever. With the EU NIS-2 Directive (Network and Information Security Directive) coming into force in 2023, companies in critical economic sectors have been facing sharpened security requirements. In Germany alone, approximately 30,000 organizations in Germany are affected by expanded thresholds and scopes, necessitating them to undertake the major task of strengthening their cyber resilience. Subject to the adoption of Member State laws (such as the German NIS2 Implementation Act), companies must implement respective measures as early as 2024, exposing themselves, otherwise to risk of official intervention, sanctions and substantial fines. Our experts are dedicated to support you in ensuring compliance with NIS-2 requirements.

Cybersecurity

Implement Organizational, Operational and Technical Measures

Article 21 of the NIS-2 Directive in particular sets forth requirements to cybersecurity measures. The Directive prescribes not only for organizational measures such as risk management and information security policies, or operational measures related to dealing with incidents and security training, but also brings technical measures to the fore. For example, how does your company deal with multi-factor authentication and encryption? We will be happy to show you how to design, implement and verify the necessary cybersecurity measures.

Our Approach to NIS-2 Implementation

Achieve NIS-2 Compliance in Six Steps

Our goal is to ensure that your company meets the requirements of the NIS-2 Directive – while also establishing the most efficient and effective processes and procedures possible. The NIS-2 implementation process consists of a clearly defined framework of six steps. The steps themselves are, however, designed with flexibility, to allow for precise tailoring to your business requirements. Moreover, our integrated and practical approach also considers the existing cybersecurity measures in your company. We are happy to engage with the following topics together with you:

  • Generating general impact and GAP impact analyses
  • Defining actions
  • Specifying measures
  • Planning implementation
  • Implementing policies, concepts, and security procedures
  • Preparing NIS-2 audits

Your Contact

Germany
ÖffnenSchließen
Dennis Müllerschön

Dennis Müllerschön

Switzerland
ÖffnenSchließen
Christian Schnell

Christian Schnell