Crisam Logo
  • CRISAM®
    CRISAM®
    • What is CRISAM®?
    • Method
    • Content
    • Customers
    • Continuing education
    • Webinars
    • Events
  • Areas of application
    Areas of application
    • Information Security Management
    • Integrated Risk Management
    • ESG
    • DORA
    • Data Protection Management
    • Internal Control System & Audit Management
    • Compliance Management
    • Business Continuity Management
    • Tax Compliance Management System
    • Global Internal Audit Standards
    • Project Risk Management
    • SAT legal cadastre module
    • Approvals & Disclosures Workflow Software
    • Conflicts of Interest Software
    • CRISAM® Legal Hold Software
  • Industries
    Industries
    • Automotive
    • Energy
    • Manufacturing
    • Finance
    • Health
    • Trade
    • Real Estate & Construction Industry
    • Broadcasting & Telecommunications
    • Technology
    • Transport & Logistics
  • More
    More
    • Download Center
    • CRISAM® Academy
    • News
    • Jobs
    • CRISAM® Partner
    • Contact
  • en
    • de
Request
  • Sprache
    • de
  • CRISAM®
    • What is CRISAM®?
    • Method
    • Content
    • Customers
    • Continuing education
    • Webinars
    • Events
  • Areas of application
    • Information Security Management
    • Integrated Risk Management
    • ESG
    • DORA
    • Data Protection Management
    • Internal Control System & Audit Management
    • Compliance Management
    • Business Continuity Management
    • Tax Compliance Management System
    • Global Internal Audit Standards
    • Project Risk Management
    • SAT legal cadastre module
    • Approvals & Disclosures Workflow Software
    • Conflicts of Interest Software
    • CRISAM® Legal Hold Software
  • Industries
    • Automotive
    • Energy
    • Manufacturing
    • Finance
    • Health
    • Trade
    • Real Estate & Construction Industry
    • Broadcasting & Telecommunications
    • Technology
    • Transport & Logistics
  • More
    • Download Center
    • CRISAM® Academy
    • News
    • Jobs
    • CRISAM® Partner
    • Contact
  • Request
Mann der Cybersicherheit auf Laptop kontrolliert

Cybersecurity:
Guideline NIS-2 is coming

What you need to do now
Are you keeping pace with cyber security? Is your company well protected against hacker attacks? The new NIS 2 Directive provides new requirements and measures in this area and will affect many companies in Europe. It was adopted in 2022 and is currently being transposed into German and Austrian law.

What is the new NIS-2 guideline?

The new NIS 2 guideline is to be implemented by October 17, 2024 and is the successor to the NIS guideline from 2016.

Its aim is to create a high common level of cybersecurity in the EU, embedded in a modernized legal framework. It also contains precise specifications on which security measures are to be implemented.

NIS-2 is intended to improve resilience and speed of response to security incidents. Affected companies and institutions must take appropriate risk management measures for the security of their network and information systems. They are also subject to stricter reporting obligations.

Who is affected?

This is probably one of the questions you are now asking yourself for your company.

The guideline applies to public or private institutions in various sectors. It can be said in advance that more sectors (from 8 to 18) and more companies per sector will be affected than in the previous NIS guideline.

grünes Rufzeichen Symbol

Sectors with high criticality (+3)

Grafik Sektoren Hohe Kritikalitaet
Grafik Sektoren Hohe Kritikalitaet 2

Other critical sectors (+6)

Grafik Sonstige Kritische Sektoren
Grafik Sonstige Kritische Sektoren2
The threshold for affected companies (Art 1 para. 1 NIS-2 Directive) is

Medium-sized companies

  • 50-250 employees
  • Between 10 and 50 million euros turnover
  • Less than 43 million euros balance sheet total

Large companies

  • More than 250 employees
  • More than 50 million euros turnover
  • More than 43 million euros balance sheet total

The NIS-2 directive contains extended mandatory security measures with specific minimum requirements for, among other things, concepts for risk analysis for information systems and security for information systems, crisis management and BCM, incident management, supply chain security, cyber hygiene and much more.

Have you already established a process for reporting cyber security incidents in your risk management system? Have you already developed concepts for risk management and the security of network and information systems?

Great! Then you are already well on your way. If these topics are still open for you and your company falls within the affected sectors and thresholds, our recommendation is to start implementing NIS 2 compliance as soon as possible.

Depending on which systems and processes are already in place, the project duration for the implementation of NIS 2 may take several months.

In the GRC platform CRISAM®, implementing the NIS 2 guideline is easy. Integrate NIS-2 into your existing ISMS and also use dashboards and customized reports to generate exactly the evaluation and documentation options you need at the touch of a button.

Did you know that management bodies are liable for breaches
if essential risk assessments are neglected or ignored?

The implementation of the NIS 2 guideline should not be a “necessary evil” from a company’s point of view, but should rather be seen as an opportunity to send signals. This means that you meet the highest European standards in the area of cyber security and are optimally prepared for hacker attacks.

Business processes are better protected and the risk of data loss and operational downtime is significantly minimized.

In addition, you protect your company from severe penalties, which can range from seven to 10 million euros or 1.4-2% of total annual turnover (depending on which category your organization falls into).

No risk – just get in touch with us!

Would you like more information? Do you have questions about the implementation of the new NIS-2 guideline?

To help you and your company prepare, we have implemented the EU directive in a catalog (NIS-2) in a building block (NIS-2 EU). These 35 control objectives will make it much easier for you to implement the new guideline.

Please feel free to contact us.

We will support you in this process with CRISAM® GRC!

Schedule a demo appointment now

Smartphone wird in die Höhe gehalten

No risk - let's just stay in touch!

Telefonsymbol in grün für Kontaktaufnahme.
Phone

+43 (0)732 601 216-0

Umschlag-Icon in grün, das den Versand von E-Mails symbolisiert.
E-Mail

office@crisam.net

Papierflieger in grün, der die Versandoption für E-Mails symbolisiert.
Newsletter

Register now

CRISAM GRC Software
Darstellung eines Trends im Risikomanagement

CALPANA business consulting GmbH

Blumauerstr. 43

4020 Linz, Austria

+43 (0)732 601 216-0 sales@crisam.net

CALPANA business consulting Deutschland GmbH

Paul-Dessau-Str. 1

22761 Hamburg, Germany

+49 (40) 35 98 29 21 sales@crisam.net

CALPANA business consulting GmbH

Blumauerstr. 43

4020 Linz, Austria

+43 (0)732 601 216-0 sales@crisam.net

CALPANA business consulting Deutschland GmbH

Paul-Dessau-Str. 1

22761 Hamburg, Germany

+49 (40) 35 98 29 21 sales@crisam.net
CRISAM®
  • What is CRISAM?
  • CRISAM® Method
  • CRISAM® Content
  • Events
  • Continuing education
Customers
Webinars
Operational area
  • Information Security Management
  • Data Protection Management
  • Integrated Risk Management
  • Internal Control System & Audit Management
  • Business Continuity Management
  • Project Risk Management

© 2023 CALPANA business consulting GmbH. All rights reserved.

  • Imprint
  • Privacy
linkedin
xing