NIS2 - Where are we now? 

VISO CEO, Stephen Parsons updates on the adoption of the NIS2 directive, also known as the Network and Information Security Directive, which is legislation introduced by the European Union (EU) to enhance the security and resilience of critical infrastructure and digital services. The UK government are also introducing

The initial target date was set for 15th October, 2024. As of May 1, 2025, NIS2 is not yet fully implemented, so where are we now?

Adoption Levels - European Union  

As of May 1st, NIS2 has been transposed in 9 nations, with draft bills of law pending in the remaining states and varying dates for transposition.  Those nations are:

Belgium, Czechia, Greece, Finland, Hungry, Italy, Lithuania, Luxembourg & Slovakia.

In Ireland, as an example, it is likely to be October 2025 before the legislation is transposed, but the recommendation is that those organisations in scope should become compliant ASAP.

What if my organisation is in the UK? 

There are two reasons to take note if you are in the UK. Firstly, if you are dealing with any EU-based organisations, there will be an increased pressure to comply with NIS2, as those in scope push compliance into their third and fourth party suppliers. 

Aligned with that, the UK government have a comparative law in draft which is at first reading stage. There is no clear date as to when this will be transposed into law. However, it will be largely aligned with NIS2.

How can VISO help? 

If you are unsure if this is applicable to your business, or if you’re unsure how to approach it, reach out to our team in VISO today and we can help steer you in the right direction! We can assist you in any way required and help ensure that your company is complying with all required legislation.  

Click here to contact one of the team today