Description | Location/link | date |
---|
NIS-2 directive (EU 2022/2555) full text/ all languages | https://eur-lex.europa.eu/eli/dir/2022/2555/oj | 14 dec 2022 |
Blogpost Andrew Cormack (focus on incident respons cooperation) | https://regulatorydevelopments.jiscinvolve.org/wp/2023/01/05/nis-2-directive-cybersecurity-improvement-for-all/ | 5 Jan 2023 |
GÉANT NIS-2 Infoshare II - 11 January 2023 | Slides presentation Alf Moens and Edit Herczog, the recording can be found here. | 11 jan 2023 |
Publication on 2nd Infoshare | https://connect.geant.org/2023/01/17/eu-security-union-2nd-infoshare | 17 jan 2023 |
NIS2 for NRENs - A Call to Action - GÉANT has asked Stratix to develop a position paper to facilitate effective responses to the implementation of the Directive in different countries. This position paper is intended to assist organisations by providing insights into the key issues, risks and potential responses to NIS2. It includes a brief introduction to the directive, potential issues for NRENs, solutions and recommendations to consider.
| Stratix: NIS2 for NRENs - A Call to Action | 12 july 2023 |
NCSC Ireland: A quick guide to NIS2 | NIS 2 Quick reference guide.pdf | 21 oct 2023 |
DG CNECT has issued Guidelines to Member States on: - on the application of Article 3(4) of Directive (EU) 2022/2555 (NIS 2 Directive): specific section on domain name registration services. Member states are required to establish a list of essential and important entities as well as entities providing domain name registration services by April 17, 2025
- on the application of Article 4 (1) and (2) of Directive (EU) 2022/2555 (NIS 2 Directive): relationship between NIS-2 and current and futiure sector-specific legal acts addressing cybersecurity risk-management
| https://digital-strategy.ec.europa.eu/en/library/commission-guidelines-application-article-34-directive-eu-20222555-nis-2-directive
https://digital-strategy.ec.europa.eu/en/library/commission-guidelines-application-article-4-1-and-2-directive-eu-20222555-nis-2-directive | 14 sep 2023 |
NIS 2 Self-assessment Netherlands - The Dutch government is working on incorporating NIS2 into national law. Organisations are advised to proactively assess risks and implement security measures in advance of regulatory clarity. A self-assessment questionnaire is provided (see link) to determine whether an organisation falls under the NIS2 Directive. The government is encouraging early preparation for compliance and business continuity.
| Website of the dutch national cybersecurity center on NIS2: "What will the NIS2 guideline mean for your organization?" with a NIS2 self-assessment questionnaire: https://regelhulpenvoorbedrijven.nl/NIS-2-NL/
| 14 nov 2023 |
Report on cybersecurity and resiliency of Europes communications infrastructures | https://digital-strategy.ec.europa.eu/en/library/report-cybersecurity-and-resiliency-eu-communications-infrastructures-and-networks | 21 feb 2024 |
Cybersecurity risk management & reporting obligations for digital infrastructure, providers and ICT service managers The first implementing act has been proposed. As regards technical and methodological requirements of cybersecurity risk-management measures and further specification of the cases in which an incident is considered to be significant. It is open for comment for a month until 25 July 2025. | https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/14241-Cybersecurity-risk-management-reporting-obligations-for-digital-infrastructure-providers-and-ICT-service-managers_en | 27 jun 2024 |