Back to Resource Library

Is your business ready for NIS 2 compliance?

Learn how to meet the requirements of the EU’s newly strict regulations on cybersecurity for businesses

The European Union will begin enforcing the new regulations embodied in version 2 of its Directive on Security of Network and Information Systems (NIS 2, for short) on 14 October 2024. Designed to respond to a global cyberthreat environment that has become significantly more challenging since the 2016 introduction of the original NIS Directive, NIS 2 requires businesses operating in the EU to meet a broad range of new requirements to improve their cyber resilience, i.e., their ability to both defend against cyberattacks and recover quickly when an attack does succeed.

Further, NIS 2 casts its regulatory eye on many more businesses than the large enterprises that NIS 1 focused on: any business generating at least €10 million in annual turnover per year, and organizations of any size operating in sectors designated as “essential” (i.e., energy, health care, transportation and water), or “important” (i.e., manufacturing, food, waste management and postal services) must now comply.

To help businesses prepare for NIS 2 compliance, Acronis has created a white paper entitled, “NIS 2 briefing for businesses: What the NIS 2 compliance standards mean for companies doing business in the European Union (EU).” It examines the NIS 2 Directive in detail, focusing on the new cyber resilience requirements that businesses must observe, and providing concrete recommendations on the steps that business and technology leaders should take to avoid the hefty new sanctions that NIS 2 levies on noncompliant organizations. Key topics include:

  • A brief history of NIS 1 and NIS 2.
  • A summary of NIS 2’s expanded scope and new requirements for cyber resilience.
  • Examinations of the roles of artificial intelligence, machine learning and innovation in achieving NIS 2 compliance.
  • The importance of defending against ransomware attacks.
  • The need for businesses to shift to a more proactive footing in their approach to cyber resilience.
  • The strict new incident reporting requirements and non-compliance penalties in NIS 2.
Is your business ready for NIS 2 compliance?