NIS2 Consulting

The NIS2 Directive represents a significant step forward in strengthening cybersecurity within the European Union. The aim of the new directive is to further enhance the resilience of network and information systems against increasingly frequent and sophisticated cyber threats, particularly in sectors that are critical to the functioning of society and the economy.

Cybersecurity

What is NIS2?

The NIS2 (Network and Information Security 2) Directive came into force in 2023, and EU member states, including Croatia, are required to implement it by 2025. Its goal is to improve the resilience of digital systems and reduce the risk of cyber threats that can paralyze key services in the economy and society.

More responsibility

Who does NIS2 apply to?

NIS2 expands the list of organizations that must comply with strict cybersecurity requirements.

These include:

  • Energy, healthcare, transport

  • Finance, banking, water supply

  • Digital services and ICT companies

  • Public institutions and government bodies

If you operate a medium or large enterprise in any of these sectors, NIS2 almost certainly applies to you.

IMPLEMENTATION

What does it mean in practice?

Organizations covered by the NIS2 Directive will have numerous obligations to ensure a high level of cybersecurity:

  1. Risk and Incident Management
       • Establishment of an Information Security Management System (ISMS)
       • Regular risk analysis and system security assessments
       • Logging and managing cybersecurity incidents

  2. Security measures and recovery plans
       • Access control for information and systems
       • Measures for threat detection and prevention
       • Business continuity and post-incident recovery plans

  3. Management responsibility
       • Organization management bears direct responsibility for security
       • Obligation to educate employees and regularly monitor compliance
       • Conducting internal audits and security assessments

  4. Incident Reporting Obligations
       • An initial report on a significant incident must be submitted within 24 hours
       • A detailed report within 72 hours
       • A final report after the incident investigation is complete

  5. Supervision and Penalties
       • Organizations will be subject to inspections and audits
       • Fines for non-compliance may reach up to €10 million or 2% of annual revenue, whichever is higher

How can we help you?

Assessment and alignment

We analyze your current system, identify potential vulnerabilities, and clearly define exactly what your organization needs in order to comply with NIS2 requirements. You receive a concrete plan, free of technical jargon, tailored to your size and industry.

Development of security documentation and policies

We assist in creating all necessary procedures, policies, and internal documents - from incident management plans to cybersecurity strategies. Our team ensures everything is clear, understandable, and legally compliant.

Technical solutions and ongoing support

We implement technical protection measures (access control, backups, threat detection systems, etc.) and provide continuous support through IT maintenance, monitoring, and rapid response in case of incidents. You focus on your business - we’ll take care of your security.

Create a modern and secure work environment. Contact us!