NIS2UmsuCG – a complicated-sounding string of letters – is coming our way this year and translates as the NIS 2 Implementation and Cyber Security Strengthening Act.
It is estimated that the law will affect at least 30 thousand companies when it is introduced.
It is therefore important that you check whether you also fall under it. This is the case if you belong to the „essential“ and „important“ institutions, or if you are a KRITIS operator. The legislative process is expected to be completed by October 2024.
In any case, you will have to deal with the regulations if you are active in the following sectors:
Essential: energy, transportation, banking, healthcare, drinking water, wastewater, digital infrastructure, ICT service management, administration, financial market, space,
or
Important: Post, waste management, industry, digital services, research, chemical companies, food industry,
and if you have 50 or more employees and generate an annual turnover of 10 million.
However, it is important to note that small companies that generate less turnover or have fewer employees may also fall within the scope of application. If they carry out critical activities that could have an impact on public order, or if they have cross-border effects, they are also affected.
The NIS 2 Directive is also of particular importance for managing directors, CEOs and board members, as they are held accountable. Specifically, this means that these persons must approve and monitor risk management.
If they do not comply with these obligations, this can also result in personal liability. Inadequate or insufficient preparatory actions can also give rise to such liability.
In any case, action should be taken quickly and, if necessary, professional support should be sought. We draw your attention to this in particular as part of our duty to inform. Gindat can also support you in all phases of the process. We recently presented an overview of this topic at our ITQC event to raise your awareness. Feel free to contact us if you have any questions or uncertainties. Our team is always at your disposal.