geevo®
geevo®
  • Home
  • About
  • Academy
  • GRC
    • Compliance
    • Governance
    • Risk Management
  • Managed Services
    • Managed Security Services
  • Security Technology
  • Publications
  • Support
  • Careers
  • Contact
  • More
    • Home
    • About
    • Academy
    • GRC
      • Compliance
      • Governance
      • Risk Management
    • Managed Services
      • Managed Security Services
    • Security Technology
    • Publications
    • Support
    • Careers
    • Contact
  • Home
  • About
  • Academy
  • GRC
    • Compliance
    • Governance
    • Risk Management
  • Managed Services
    • Managed Security Services
  • Security Technology
  • Publications
  • Support
  • Careers
  • Contact

NIS Directive

The Directive on Security of Network and Information Systems

The Directive on Security of Network and Information Systems

The Directive on Security of Network and Information Systems (NIS Directive) ((EU) 2016/1148) aims to achieve a high common level of network and information systems security across the European Union in three ways:

  • Improving cyber security capabilities at the national level.
  • Increasing cooperation on cyber security among EU member states.
  • Introducing security measures and incident reporting obligations for operators of essential services (OESs) in critical national infrastructure (CNI) and digital service providers (DSPs).

Consequences for non-compliance

Consequences for non-compliance

Member States are required to set their own rules on financial penalties and must take the measures necessary to ensure that they are implemented. It is likely that Member States will implement tough penalties similar to that of the GDPR (General Data Protection Regulation).


Who must comply?

Who must comply?

The NIS Directive applies to OESs that are established in the EU and DSPs that offer services to persons within the EU. The Directive does not apply to hardware and software developers or digital service providers that are considered small and micro businesses. (Companies employing fewer than 50 people whose annual turnover and/or balance sheet total is less than €10 million).

Contact Us
Affected sectors

Affected sectors

  • Banking and financial market infrastructures;
  • Digital infrastructure;
  • Energy;
  • Healthcare
  • Transport and;
  • Water.

Compliance requirements

Compliance requirements

  • Business continuity management;
  • Compliance with international standards;
  • Incident handling and reporting;
  • Monitoring, auditing and testing and;
  • Security systems and facilities.

Our proposition

Our proposition

Implement a cyber resilience programme that incorporates the following:

  • Robust cyber security defences;
  • Adequate cyber risk preventative measures and;
  • Appropriate tools and systems to deal with and report incidents and      data breaches.

Contact Us

Copyright © 2017 - 2025 geevo®, member of CPbros Group - All Rights Reserved.

Powered by geevo®

  • Support
  • Privacy Statement
  • Terms and Conditions

Incident Response

Incident Response and Digital Forensics

Instant support

Cookie Policy

This website uses cookies. By continuing to use this site, you accept our use of cookies.

DeclineAccept & Close