• 10.07.2025
New IT Security Standards in the EU: Why NIS2 Matters Now

New IT Security Standards in the EU: Why NIS2 Matters Now

Rising Cyber Threats and Europe’s Response

The threat landscape in cybersecurity is intensifying. Attacks on companies, public authorities, and critical infrastructure continue to rise, with potentially severe economic and societal consequences. To address this growing risk, the European Union is tightening its requirements for IT security and risk management with the new NIS2 Directive.

What is NIS2?

The NIS2 Directive (2022/2555), originally scheduled for implementation by October 2024, significantly strengthens Europe’s approach to network and information security. It expands its scope to cover a broader range of sectors, including manufacturing, digital infrastructure, healthcare, food production, and public administration. Importantly, it sets stricter standards for cybersecurity, mandates closer cooperation along supply chains, and imposes tighter reporting obligations.

Who is Affected?

The directive affects not only large corporations but also medium-sized companies considered “essential” or “important” for the economy or society. Even companies not directly covered may be indirectly impacted if their business partners require NIS2 compliance throughout the supply chain.

What Are the Requirements?

Organisations must implement robust cybersecurity strategies, report incidents within 24 to 72 hours, and assess vulnerabilities across their entire supply chain. Non-compliance isn’t just risky — it’s expensive. Fines can reach up to €10 million or 2% of global annual turnover, comparable to GDPR-level penalties.

Why Act Now?

Although national implementations across many EU member states are still pending, companies cannot afford to wait. As Auren experts emphasise, early action is key. Structured assessments like Auren’s Cyber HealthCheck help businesses identify gaps, ensure compliance, and build long-term resilience.

The Strategic Importance of Cybersecurity

Cybersecurity is now a board-level priority. For internationally operating firms, aligning with NIS2 is not just about regulatory compliance — it’s about securing digital trust in the global marketplace.

Saskia Korte                                                           Nadiia Lisova

Auditor and Tax Advisor                                         Data Analyst                 

[email protected]                                         [email protected]

NIS2 – Consulting,  Auren Germany

Categorieën