Tips for NIS2 compliance

The Network and Information Security Directive (EU) 2022/2555 (NIS2 Directive) significantly expands the group of affected companies and significantly tightens the cybersecurity requirements – the keyword is: managing director responsibility. Detailed information on the requirements under the NIS2 Directive can be found here. For an efficient implementation of the NIS2 Directive, companies are in need of a holistic concept for cybersecurity compliance.

Check if you are affected

The NIS2 Directive applies to all companies providing services or operating in the EU, provided they employ at least 50 people or have an annual turnover and annual balance sheet total of more than 10 million EUR and belong to one of the critical sectors. Check now if you are affected with our free Quick-Check!

Deriving requirements

In addition to governance and cybersecurity awareness, the NIS2 Directive obliges companies to establish a risk management and a procedure for handling security incidents. Companies must determine which measures are specifically required by means of a gap analysis.

Implementing measures

According to the NIS2 Directive, management bodies must ensure that the necessary technical, organisational and legal measures are taken and they must monitor their implementation. In case of non-compliance, managing directors can be held personally liable for breaches.

Monitoring and reporting

Both the legal situation and internal company processes are subject to change, which can be accompanied by new requirements. Companies must therefore continuously monitor both the legal situation and internal structures and react to changes.

NIS2 Quick-Check

In Europe, it is estimated that more than 100,000 organisations will be affected by the NIS2 Directive in the future. However, a large number of companies are not yet aware that they are affected. Use our free Quick check to find out whether your company is affected.

About us

100% expertise. 0% nonsense. We have extensive experience in cybersecurity compliance management and combine consulting practice and research in cybersecurity law. Our advice is: Smart. Efficient. Spot-on.

Attorney at law Stefan Hessel, LL.M.

Salary Partner and Head of Digital Business at reuschlaw

Prof. Dr. Dennis-Kenji Kipker

Of Counsel at reuschlaw


Do you have questions about the NIS2 Directive or need support? We would be happy to assist you. Simply write us – or give us a call! We will get back to you as soon as possible.

  • Address

    Berlin office
    Joachimsthaler Str. 34
    10719 Berlin
  • Phone

    +49 30 / 2332 895 0
  • Email
  • Address

    Saarbrücken office
    Stengelstr. 1
    66117 Saarbrücken
  • Phone

    + 49 681 / 859 160 0
  • Email