CCNet

CCNet

Dec 4, 2023   •  1 min read

Navigating The NIS2 Directive - who determines wether your company falls under its purview?

Navigating the NIS2 Directive: Who determines whether your company falls under its purview?

The NIS2 Directive has far-reaching implications for companies within the EU. But who decides whether your company falls under this? This article highlights the process and those responsible for this important decision.

The decision-making process

The determination of whether a company is affected by the NIS2 Directive lies in the hands of the national supervisory authorities of the EU member states. These authorities are responsible for monitoring and enforcing compliance with the NIS2 Directive.

Step 1: Self-assessment

Companies must undertake a self-assessment based on NIS2 criteria, focusing on aspects like company size and the importance of their critical infrastructure.

Step 2: Professional advice

For assistance, companies may seek guidance from consultants and legal experts to gain a comprehensive assessment of their position concerning the NIS” Directive.

Step 3: Exchange with the supervisory authority

To gain additional clarity, companies should directly engage with the relevant nation supervisory authority.

Step 4: Formal decision

The national authority, after evaluating the company’s provided information and other pertinent factors, will issue a formal decision regarding the NIS2 Directive’s applicability.

Step 5: Registration and Compliance

Companies falling under the NIS2 Directive are registered accordingly and undergo regular audits to verify compliance.

Conclusion

It is essential that companies act proactively and, if in doubt, contact the relevant authorities or qualified advisors. By seeking early clarification and ensuring compliance, companies can meet all legal requirements and safeguard themselves against potential risks.

Committing to NIS2 Compliance in the Supply Chain: What You Need to Know as a Supplier

Committing to NIS2 Compliance in the Supply Chain: What You Need to Know as a Supplier

The NIS2 Directive (Network and Information Systems Directive 2) aims to strengthen cybersecurity in the EU and increase resilience to cyber threats. This policy covers companies and organizations classified as “essential service providers” as well as suppliers and service providers working for these service providers. But how does the classification ...

    Carmine Squillace

    Carmine Squillace

    Jan 19, 2024   •  2 min read

Effective response to cyberattacks in line with NIS2 policy

Effective response to cyberattacks in line with NIS2 policy

Cyberattacks are a serious threat to companies of all sizes. In the context of the European Union's NIS2 Directive, it is crucial that companies know how to respond to such incidents. In this article, we discuss the steps companies should take in the event of a cyberattack under the NIS2 ...

    Carmine Squillace

    Carmine Squillace

    Jan 17, 2024   •  1 min read

The crucial role of management in the implementation of the NIS2 directive

The crucial role of management in the implementation of the NIS2 directive

The European Union's NIS2 Directive represents a significant development in the area of network and information security. Its successful implementation requires strong commitment at the highest levels of leadership. In this article, we look at why the role of management in implementing the NIS2 policy is crucial and what specific ...

    Carmine Squillace

    Carmine Squillace

    Jan 15, 2024   •  1 min read