The NIS2 Directive: a new horizon for cybersecurity in the EU - RINA.org

11 Jun 2024

Discover our comprehensive solutions to ensure compliance with NIS2

The NIS2 Directive represents a significant step towards strengthening cybersecurity across the European Union. With the goal of establishing a high common level of security of networks and information systems, NIS2 introduces stringent measures for the management of cyber risks and reporting obligations for the entities involved.

How can we support you?

As a leader in the consulting sector, RINA offers comprehensive solutions to ensure compliance with NIS2. Our approach includes:

- Compliance Assessments: Detailed analyses to ensure that your company meets all the requirements of NIS2.

- Expert Guidance: Specialized consulting to navigate the complexities of the directive and implement the best cybersecurity practices.

- Technological Integration Services: Advanced solutions for vulnerability assessment and penetration testing, ensuring that your infrastructures are protected against cyber threats.

What are the penalties for non-compliance with NIS2?

The NIS2 Directive establishes specific sanctions for companies that fail to meet compliance requirements. These sanctions include:

- Non-monetary remedies: National supervisory authorities can impose compliance orders, binding instructions, orders to implement security audits, and orders for companies to notify customers of threats.

- Administrative fines: For essential companies, Member States must provide for a maximum fine of at least €10,000,000 or 2% of the total annual global turnover, whichever is higher. For important companies, the maximum fine is at least €7,000,000 or 1.4% of the total annual global turnover.

- Criminal penalties for management: NIS2 introduces measures to hold corporate management members personally accountable in case of serious negligence following a security incident. This can include the order to make compliance breaches public and, in the case of essential entities, a temporary ban on holding managerial positions in case of repeated violations.

These measures are designed to hold corporate management accountable and prevent serious negligence in managing cyber risks.

Upcoming webinars and training courses

Contact us to stay updated on upcoming training events: our experts will address the challenges and opportunities presented by NIS2, facilitating your journey towards full compliance.

Andrea Aluigi