The NIS-2 Directive was published end of December 2022. This pages will give all essential references.
In January 2023 EU member states started the process of transposing this directive into national legislation. This legislation needs to be in place by mid October 2024 and will then be in effect immediately.
The NIS-2 directive will regulate both on national level and on organisation level. As the directive is a EU directive it is primarily applicable on EU member states. Some associated members (like Norway) will probable also transpose the directive into national legislation.
February 2023: action needed from each NREN
NRENs need to seek dialogue with there national implementation coordinator in order to discuss there position. Due to the nature of NREN-business national coordinators might need assistance in deciding upon the position of the NREN.
GÉANT Infoshare on NIS-2 on January 11th, 2023: https://events.geant.org/event/1339/
GEANT Infoshare III on NIS-2 on March 28th, 2023, 13.00 CEST
References
| Description | Location/link | date |
|---|---|---|
| NIS-2 directive (EU 2022/2555) full text/ all languages | 14 dec 2022 | |
| Blogpost Andrew Cormack (focus on incident respons cooperation) | 5 Jan 2023 | |
| GÉANT NIS-2 Infoshare II - 11 January 2023 | Slides presentation Alf Moens and Edit Herczog, the recording can be found here. | 11 jan 2023 |
| Publication on 2nd Infoshare | https://connect.geant.org/2023/01/17/eu-security-union-2nd-infoshare | 17 jan 2023 |
What does the NIS-2 directive cover for a member state?
A large p[art of the NIS-2 directive is about what member states themselves need to do on national level. The most important are:
- A member state needs ti implement the NIS-2 directive by transposing it into national legislation
- A member state needs to have a national CSIRT and should set up a network of sectoral CSIRTs