Ready for NIS2? We equip your company for EU security standards

NIS2 is the updated EU Network and Information Security Directive, which aims to ensure a higher level of security for networks and information systems across the European Union. It extends the requirements of the previous directive by including more companies in its scope and imposing stricter security measures to improve cyber resilience.

Die NIS2-Richtlinie betrifft eine Vielzahl von Unternehmen und Sektoren innerhalb der Europäischen Union. Zu den primär betroffenen gehören:

• Operators of essential services (OES): This category includes companies operating in critical infrastructure sectors such as energy, transportation, banking, healthcare, telecommunications, water supply and digital infrastructure.
• Digital service providers (DSPs): These include cloud computing services, online marketplaces and search engines.
• Other companies and sectors: with the introduction of NIS2, the scope has been extended to include companies operating in sectors such as manufacturing, food production, digital services, etc. if they reach a certain size or play a role in the supply chain
• Providers of electronic communications, public administrations, manufacturers of medical/pharmaceutical devices.

The NIS2 Directive therefore also specifically affects medium-sized and large companies, especially those with over 50 employees and a turnover of over EUR 10 million.

If you do not comply with the NIS2 requirements, significant consequences may follow. Firstly, financial penalties could be imposed, which can be significant depending on the severity of the breach. These penalties can be up to several million euros, depending on the nature of the breach and your company's annual turnover (up to 2% of annual turnover).

In addition, non-compliance with the NIS2 directive can lead to loss of reputation. The trust of customers, partners and other stakeholders could be affected, which could result in long-term business disadvantages. There is also a risk that security vulnerabilities may go undetected or be inadequately addressed, which increases the likelihood of security incidents and data breaches.

Regulatory intervention can also be a consequence of non-compliance with the directive. This can range from ordering additional security checks to business interruptions if the authorities determine that the risk to public safety or critical infrastructure is too high.

Finally, non-compliance with NIS2 may also have legal implications, including possible civil or criminal proceedings if damage has been caused by the non-compliance.

Our experienced IT security experts are familiar with the risks, opportunities and compliance requirements for SMEs, large companies and public authorities. We ensure that your company is optimally protected against threats.

• Analysis
  Our experts assess the status quo and carry out a fundamental analysis of your IT systems, infrastructure and interfaces. This enables us to identify security gaps and vulnerabilities and derive the security measures you need.
• Strategy
  Our IT security team develops a security strategy tailored to your company that covers all risks and ensures compliance with industry-specific requirements and the NIS2 directive.
• Action plan
  Based on your specific requirements, we define the necessary implementation options.
• Implementation
  We implement the planned security measures step by step. In doing so, we integrate technical, organizational, personnel and infrastructural to-do's in order to leave no security gaps open.
• Monitoring
  We are there live during the transition to productive operation as well as during the subsequent monitoring. This is the only way to ensure that they remain secure at all times - even when external conditions change.

• Check whether your company is affected - if you are not sure, >> ask here with no obligation.
• Let professionals uncover and identify cyber security risks.
• Have your systems protected against unauthorized access.
• Get professional advice on the assignment of rights and access.
• Invest in modern phishing protection and MFA.
• Have your employees trained and strengthen your cyber defenses.