NIS2 Directive

The EU’s Network and Information Security Directive, known as NIS2, will be nationally implemented in October 2024. NIS2 has a significant impact on different actors. Now is the right time to look at the requirements of this legislation.

Do you know what requirements the directive imposes? What practical effects will the directive bring? Does your product and actions comply with the regulation?

How can Huld help you to reach NIS2 requirements?

Huld has a ready-made framework developed for assessing NIS2 requirements. With the help of the framework, our digital security experts can effectively create a comprehensive situational picture of whether your products and activities meet the requirements of the directive.

NIS2 Compliance Assessment

Our evaluation method is based on the NIS2 directive, NIS2-related national laws, and the ISO 27001:2022 standard.

NIS2 compliance assessment includes interviews and analysis of source material related to security management and, especially, risk management practices. Documentation, processes, and practices are compared to the requirements set by the NIS2 requirements, and deviations and development needs are identified. Security risk management practices and notification of deviations are at the center of the evaluation.

The assessment will result in a list of detected deficiencies with justifications, development proposals to correct the identified deficiencies, and a summary of NIS2 compliance.

Support for Implementation

Implementation support includes supporting both the risk management operating model and the implementation of risk management measures.

During the evaluation, we will together decide on individual development items, based on the jointly identified development needs and your priority. Our experience from security consulting and work as official information security auditors give us a strong view of how risk management should be integrated into practical operations and decision-making. In addition, we have broad expertise in technical security and security management, which NIS2 requires.

NIS2 Training

As a part of the project, trainings can be included to provide information on incorporating the NIS2 directive. Trainings are typically held for the organization’s management and people involved in information systems management. In addition to the training sessions, you receive training material for further use.

We are ready to help. Contact us and let’s talk more!