{"id":36688,"date":"2024-03-21T10:14:22","date_gmt":"2024-03-21T10:14:22","guid":{"rendered":"https:\/\/www.cyberguru.it\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/"},"modified":"2024-04-09T09:01:53","modified_gmt":"2024-04-09T09:01:53","slug":"the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu","status":"publish","type":"post","link":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/","title":{"rendered":"The NIS2 Directive: a high common level of cybersecurity in the EU"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\" id=\"h-the-nis2-directive-is-the-eu-wide-legislation-on-cybersecurity-it-provides-legal-measures-to-boost-the-overall-level-of-cybersecurity-in-the-eu\"><em>The NIS2 Directive is the EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU.<\/em><\/h2>\n\n\n\n<p><em><a href=\"https:\/\/digital-strategy.ec.europa.eu\/en\/policies\/nis2-directive\" target=\"_blank\" rel=\"noreferrer noopener\">Network and Information Security2<\/a>, <\/em><strong>codenamed NIS2<\/strong>, is the European directive that came into force last January 17, 2023, to strengthen cybersecurity and safeguard<strong> critical infrastructure in Europe<\/strong> and individual member states by responding to the rise of increasingly sophisticated and malicious cyber threats and establishing a robust defence strategy.<\/p>\n\n\n\n<p>As we have reiterated many times, including in this blog, <strong>the evolution of technology<\/strong>, especially <strong>artificial intelligence<\/strong> tools, the continuous connection of all private and professional devices, and the remote working mode, which was cleared during the pandemic, imply an increasing cyber risk.<\/p>\n\n\n\n<p>Added to all this is the complex global geopolitical situation, which increasingly has a very dangerous implication in the network:<strong>state-sponsored hacking,<\/strong> cyber espionage and cyber warfare are nothing new as global tensions and conflicts increasingly manifest themselves in the digital space. <strong>An increasing professionalization of the cybercrime industry accompanies all this.<\/strong><\/p>\n\n\n\n<p>An explosive combination, to say the least, that disproportionately increases the risk of attacks on essential sectors: energy, education, healthcare, public administration, transportation, media and telecommunications.<\/p>\n\n\n\n<p>All areas that certainly cannot afford to disrupt their operations or put their valuable data assets at risk, and for that very reason are very attractive and lucrative prey for criminals.<\/p>\n\n\n\n<p>A strong acceleration of risk forced the European Union to deeply revise <a href=\"https:\/\/www.cyberguru.it\/en\/compliance\/\" target=\"_blank\" rel=\"noreferrer noopener\">the previous <strong>NIS directive of 2016<\/strong><\/a>, implemented in Italy in 2018, which many said was deficient, by issuing <strong>NIS2<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-the-objectives-and-actions-envisaged-by-nis2\"><strong>The objectives and actions envisaged by NIS2.<\/strong><\/h3>\n\n\n\n<p>The new directive thus takes a <strong>necessary step forward<\/strong> in digital resilience and threat management. <br>It not only enhances <strong>cybersecurity<\/strong> but wants to lay out a roadmap to ensure uninterrupted business performance and promote a properly trained workforce capable of ensuring proper digital posture in any work organization.<br><strong>It does so by pursuing several objectives,<\/strong> from broadening the scope of applicability to eliminating the &#8211; now obsolete &#8211; differentiation between essential service operators and digital service providers, <strong>from improving coordination<\/strong> in terms of security measures provided and resources available to supervisory authorities to reduce the discretion of member states.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-to-achieve-its-objectives-nis2-has-planned-several-actions-including\"><strong>To achieve its objectives, NIS2 has planned several actions including:<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The implementation of resource management practices to identify and <strong>protect critical information systems<\/strong> and resources.<\/li>\n\n\n\n<li>The communication to relevant authorities and maintenance of incident response capabilities.<\/li>\n\n\n\n<li>The implementation of <strong>cybersecurity strategies<\/strong> and <strong>risk management<\/strong> protocols.<\/li>\n\n\n\n<li>The establishment of <strong>incident management protocols<\/strong>, reporting mandates and response plans.<\/li>\n\n\n\n<li>The development of a strategy to ensure the continuity of critical services during <strong>cyber incidents<\/strong>.<\/li>\n\n\n\n<li>The implementation of <strong>supply chain security<\/strong> measures to examine and ensure the security of third-party vendors.<\/li>\n\n\n\n<li>The <strong>training and sensitization of employees<\/strong> on optimal cybersecurity protocols. <\/li>\n\n\n\n<li>The <strong>quick reporting of incidents<\/strong> to the appropriate bodies.<\/li>\n\n\n\n<li>The elimination of inconsistencies and the strengthening of communication and cooperation among member states.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-actors-and-sectors-involved-in-nis2\"><strong>Actors and sectors involved in NIS2.<\/strong><\/h3>\n\n\n\n<p>One of the most important new features introduced by the NIS2 Directive is the <strong>wide pool of product sectors involved<\/strong>. <br>The distinction, considered obsolete, between Essential Service Operators and Digital Service Providers is abandoned in favour of that between <\/p>\n\n\n\n<p><strong>Essential Subjects<\/strong> (the subjects of high-criticality sectors such as for example, public administrations and companies involved in energy, transportation, banking, health sector, digital infrastructure, etc.;) <\/p>\n\n\n\n<p>and <strong>Important Subjects<\/strong> (all subjects in the other critical sectors, from the size of medium-sized enterprises upwards, such as postal and courier services, waste management, digital service providers, etc.).<\/p>\n\n\n\n<p><strong>The scope of NIS2 thus expands to include other entities<\/strong>, encompassing sectors such as chemical production, medical device manufacturing, food processing, and social networking services, which were not within the jurisdiction of NIS. <br>Although these classifications share similar obligations, <strong>essential entities will be subject to stricter regulatory scrutiny and enforcement actions<\/strong>.<\/p>\n\n\n\n<p>Under the sizing criteria, <strong>all large enterprises in the identified<\/strong> <strong>sectors are automatically involved<\/strong>, i.e., those with more than 250 employees or annual sales of more than <strong>50 million<\/strong> euros or an annual balance sheet total of more than <strong>43 million euros<\/strong>. <\/p>\n\n\n\n<p>Medium-sized enterprises<strong> i.e., <\/strong>those with between 50 and 250 employees or an annual turnover or balance sheet total between <strong>10 and 50 million euros or an annual balance<\/strong> sheet total not exceeding <strong>43 million euros, <\/strong>operating in the identified sectors are also involved. <\/p>\n\n\n\n<p>The criteria for identifying <strong>public administrations<\/strong> are different, leaving more room for the member states evaluation during transposition. Finally, many specific <strong>categories of entities, including small businesses<\/strong>, identified more specifically in the Directive are added.<\/p>\n\n\n\n<p>The result is the broadening of the range of subjects impacted by the Directive:<strong> <\/strong>about<strong> 110,000<\/strong> organizations will be directly involved, divided, indicatively, between <strong>67,000 <\/strong>essential and <strong>43,000<\/strong> important subjects. At the Italian level, the number could be around <strong>15,000 <\/strong>subjects in total. <br><strong>Also important,<\/strong> of course, are the effects on the supply chain.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-supply-chain-protection\"><strong>Supply Chain Protection.<\/strong><\/h3>\n\n\n\n<p>The new directive requires organizations to address supply chain security, including the risks created by supplier relationships. <br>A crucial aspect, is the latter, as many attacks occur due to vulnerabilities of third-party suppliers. Organizations must therefore assess the quality and resilience of the products and services they use to ensure they are not vulnerable to essential service providers. It is also important for organizations to assess how their third-party vendors manage cybersecurity and whether the measures they use are robust enough to protect the entire supply chain.<\/p>\n\n\n\n<p>To ensure a common level of cybersecurity with all providers and reduce the chances of cyber incidents, essential service providers should include the required measures in their contracts with third-party providers.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-cooperation-and-coordination-at-the-european-level-eu-cyclone\"><strong>Cooperation and coordination at the European level: EU-CyCLONe<\/strong><\/h4>\n\n\n\n<p>Much emphasis is placed on the NIS2 Directive on <strong>cooperation between member states.<\/strong> <br>Indeed, provision has been made for the formation of the <strong><a href=\"https:\/\/www.enisa.europa.eu\/topics\/incident-response\/cyclone\" target=\"_blank\" rel=\"noreferrer noopener\">EU-CyCLONe<\/a><\/strong> Organization composed of representatives of EU countries <strong>in charge of cyber crisis management<\/strong> and, if necessary, representatives of the European Commission. <\/p>\n\n\n\n<p>The main objective of EU-CyCLONe is to coordinate how different countries deal with major security issues by ensuring that they are well prepared to handle cyber incidents and crises; that a shared understanding of what happens during these incidents and crises is developed; that the impact of incidents is properly assessed; and that political leaders are guided to make the best decisions about them.<\/p>\n\n\n\n<p>EU-CyCLONe will report regularly to the Cooperation Group on major cybersecurity incidents and trends, particularly those affecting critical organizations and services. <\/p>\n\n\n\n<p><strong>By July 17, 2024<\/strong>, and every 18 months thereafter, the organization will submit a report to the European Parliament and the Council outlining its recent activities.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-emergencies\"><strong>Emergencies<\/strong><\/h3>\n\n\n\n<p>To ensure a rapid response, NIS2 requires affected organizations to send a quick notification to <strong><a href=\"https:\/\/www.csirt.gov.it\/\" target=\"_blank\" rel=\"noreferrer noopener\">the Computer Security Incident Response Team (CSIRT),<\/a><\/strong> or an appropriate national authority, within 24 hours of a significant cyber incident, i.e., one that causes a major disruption of processes or financial loss to the organization or causes substantial tangible or intangible harm to another person. If necessary, organizations may also request assistance in implementing any mitigation measures. Authorities will respond to the notification, offer guidance on how to handle the incident, and inform other affected countries if necessary.<\/p>\n\n\n\n<p>Within 72 hours of learning of the incident, the affected organization must provide details of the attack as well as an initial assessment of the damage. Finally, within one month of notification of the incident, the affected organization must provide a report with a detailed description of the severity, impact, root cause, and mitigation measures applied by the organization.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-cyber-hygiene\"><strong>Cyber hygiene<\/strong><\/h3>\n\n\n\n<p>With cyber threats becoming increasingly complex and sophisticated, organizations must maintain<strong> a basic level of security and cyber hygiene practices<\/strong> to protect essential infrastructure: regular software and hardware updates, periodic password changes, management of new installations, administrator-level access account limitations, and data backups.<\/p>\n\n\n\n<p>In addition, since many attacks occur through connected devices, <strong>employee training and user awareness of common cyber threats are critical<\/strong> <strong>to strengthening the security chain.<\/strong><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The NIS2 Directive is the EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU. Network and Information Security2, codenamed NIS2, is the European directive that came into force last January 17, 2023, to strengthen cybersecurity and safeguard critical infrastructure in Europe and individual member states by [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":36624,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"off","_et_pb_old_content":"","_et_gb_content_width":"","content-type":"","footnotes":""},"categories":[422],"tags":[470,796,797,795,794],"class_list":["post-36688","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-en","tag-cyber-security-awareness-en-3","tag-nis-directive","tag-nist-en","tag-public-administration","tag-security-awareness-en"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>The NIS2 Directive: a high common level of cybersecurity in the EU<\/title>\n<meta name=\"description\" content=\"The NIS 2 Directive (Directive (EU) 2022\/2555) is a legislative act that aims to achieve a high common level of cybersecurity across the European Union.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The NIS2 Directive: a high common level of cybersecurity in the EU\" \/>\n<meta property=\"og:description\" content=\"The NIS 2 Directive (Directive (EU) 2022\/2555) is a legislative act that aims to achieve a high common level of cybersecurity across the European Union.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Guru\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Cyber.Guru.Enterprise\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-21T10:14:22+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-09T09:01:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.cyberguru.it\/wp-content\/uploads\/2024\/03\/6044270470222582154.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"688\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Cyber Guru\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Cyber Guru\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/\"},\"author\":{\"name\":\"Cyber Guru\",\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/#\\\/schema\\\/person\\\/7ee941e099c92eb9ea57fceee4ec4736\"},\"headline\":\"The NIS2 Directive: a high common level of cybersecurity in the EU\",\"datePublished\":\"2024-03-21T10:14:22+00:00\",\"dateModified\":\"2024-04-09T09:01:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/\"},\"wordCount\":1307,\"image\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.cyberguru.it\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/6044270470222582154.webp\",\"keywords\":[\"Cyber Security Awareness\",\"NIS Directive\",\"NIST\",\"public administration\",\"Security Awareness\"],\"articleSection\":[\"Security Awareness\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/\",\"url\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/\",\"name\":\"The NIS2 Directive: a high common level of cybersecurity in the EU\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.cyberguru.it\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/6044270470222582154.webp\",\"datePublished\":\"2024-03-21T10:14:22+00:00\",\"dateModified\":\"2024-04-09T09:01:53+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/#\\\/schema\\\/person\\\/7ee941e099c92eb9ea57fceee4ec4736\"},\"description\":\"The NIS 2 Directive (Directive (EU) 2022\\\/2555) is a legislative act that aims to achieve a high common level of cybersecurity across the European Union.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.cyberguru.it\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/6044270470222582154.webp\",\"contentUrl\":\"https:\\\/\\\/www.cyberguru.it\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/6044270470222582154.webp\",\"width\":1200,\"height\":688,\"caption\":\"NIS2\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/2024\\\/03\\\/21\\\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/home-page-v2-draft\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The NIS2 Directive: a high common level of cybersecurity in the EU\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/\",\"name\":\"Cyber Guru\",\"description\":\"Security Awareness Training That Works!\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/#\\\/schema\\\/person\\\/7ee941e099c92eb9ea57fceee4ec4736\",\"name\":\"Cyber Guru\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a5bcbfd3ec7ac7fa68adccd624c2ccab51a63012445e6ec3372c348524942a49?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a5bcbfd3ec7ac7fa68adccd624c2ccab51a63012445e6ec3372c348524942a49?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/a5bcbfd3ec7ac7fa68adccd624c2ccab51a63012445e6ec3372c348524942a49?s=96&d=mm&r=g\",\"caption\":\"Cyber Guru\"},\"url\":\"https:\\\/\\\/www.cyberguru.it\\\/en\\\/author\\\/cyber-guru\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The NIS2 Directive: a high common level of cybersecurity in the EU","description":"The NIS 2 Directive (Directive (EU) 2022\/2555) is a legislative act that aims to achieve a high common level of cybersecurity across the European Union.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/","og_locale":"en_US","og_type":"article","og_title":"The NIS2 Directive: a high common level of cybersecurity in the EU","og_description":"The NIS 2 Directive (Directive (EU) 2022\/2555) is a legislative act that aims to achieve a high common level of cybersecurity across the European Union.","og_url":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/","og_site_name":"Cyber Guru","article_publisher":"https:\/\/www.facebook.com\/Cyber.Guru.Enterprise","article_published_time":"2024-03-21T10:14:22+00:00","article_modified_time":"2024-04-09T09:01:53+00:00","og_image":[{"width":1200,"height":688,"url":"https:\/\/www.cyberguru.it\/wp-content\/uploads\/2024\/03\/6044270470222582154.webp","type":"image\/webp"}],"author":"Cyber Guru","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Cyber Guru","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/#article","isPartOf":{"@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/"},"author":{"name":"Cyber Guru","@id":"https:\/\/www.cyberguru.it\/en\/#\/schema\/person\/7ee941e099c92eb9ea57fceee4ec4736"},"headline":"The NIS2 Directive: a high common level of cybersecurity in the EU","datePublished":"2024-03-21T10:14:22+00:00","dateModified":"2024-04-09T09:01:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/"},"wordCount":1307,"image":{"@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cyberguru.it\/wp-content\/uploads\/2024\/03\/6044270470222582154.webp","keywords":["Cyber Security Awareness","NIS Directive","NIST","public administration","Security Awareness"],"articleSection":["Security Awareness"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/","url":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/","name":"The NIS2 Directive: a high common level of cybersecurity in the EU","isPartOf":{"@id":"https:\/\/www.cyberguru.it\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/#primaryimage"},"image":{"@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/#primaryimage"},"thumbnailUrl":"https:\/\/www.cyberguru.it\/wp-content\/uploads\/2024\/03\/6044270470222582154.webp","datePublished":"2024-03-21T10:14:22+00:00","dateModified":"2024-04-09T09:01:53+00:00","author":{"@id":"https:\/\/www.cyberguru.it\/en\/#\/schema\/person\/7ee941e099c92eb9ea57fceee4ec4736"},"description":"The NIS 2 Directive (Directive (EU) 2022\/2555) is a legislative act that aims to achieve a high common level of cybersecurity across the European Union.","breadcrumb":{"@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/#primaryimage","url":"https:\/\/www.cyberguru.it\/wp-content\/uploads\/2024\/03\/6044270470222582154.webp","contentUrl":"https:\/\/www.cyberguru.it\/wp-content\/uploads\/2024\/03\/6044270470222582154.webp","width":1200,"height":688,"caption":"NIS2"},{"@type":"BreadcrumbList","@id":"https:\/\/www.cyberguru.it\/en\/2024\/03\/21\/the-nis2-directive-a-high-common-level-of-cybersecurity-in-the-eu\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cyberguru.it\/en\/home-page-v2-draft\/"},{"@type":"ListItem","position":2,"name":"The NIS2 Directive: a high common level of cybersecurity in the EU"}]},{"@type":"WebSite","@id":"https:\/\/www.cyberguru.it\/en\/#website","url":"https:\/\/www.cyberguru.it\/en\/","name":"Cyber Guru","description":"Security Awareness Training That Works!","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cyberguru.it\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.cyberguru.it\/en\/#\/schema\/person\/7ee941e099c92eb9ea57fceee4ec4736","name":"Cyber Guru","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/a5bcbfd3ec7ac7fa68adccd624c2ccab51a63012445e6ec3372c348524942a49?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/a5bcbfd3ec7ac7fa68adccd624c2ccab51a63012445e6ec3372c348524942a49?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a5bcbfd3ec7ac7fa68adccd624c2ccab51a63012445e6ec3372c348524942a49?s=96&d=mm&r=g","caption":"Cyber Guru"},"url":"https:\/\/www.cyberguru.it\/en\/author\/cyber-guru\/"}]}},"_links":{"self":[{"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/posts\/36688","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/comments?post=36688"}],"version-history":[{"count":8,"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/posts\/36688\/revisions"}],"predecessor-version":[{"id":36984,"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/posts\/36688\/revisions\/36984"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/media\/36624"}],"wp:attachment":[{"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/media?parent=36688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/categories?post=36688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cyberguru.it\/en\/wp-json\/wp\/v2\/tags?post=36688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}