
What is NIS2?

The NIS2 Directive was implemented to help organizations defend against cyber threats and strengthen the EU’s cyber infrastructure. Member states now have until October 17, 2024 to incorporate NIS2 provisions into local legislation.

The Network and Information Security Directive (NIS) was the first EU-wide legislation addressing cybersecurity. The goal was to establish a common level of cybersecurity across member states.

The EU Commission replaced NIS with NIS2 to respond to the evolving threat landscape and the surge in cyber-attacks.

The NIS2 Directive has three main goals:

Increase Cyber-Resilience Levels

NIS2 puts rules in place to ensure that all important and essential entities take adequate cybersecurity measures.

Reduce Resilience Inconsistencies

NIS2 aligns the de facto scope, security and incident reporting requirements, provisions governing national supervision and enforcement, and the capabilities of the Member States' relevant competent authorities.

Improve Joint Situational Awareness

NIS2 facilitates the collective capability to prepare and respond, by taking measures to increase the level of trust between competent authorities, sharing more information, and setting rules and procedures in the event of a large-scale incident or crisis.

What does that mean for your organization?

Several factors led to the replacement of NISD (Network and Information Security Directive) by EU legislators. A significant number of critical entities weren’t required to comply with the legislation and there was a lack of uniformity across the Member States. Lawmakers also cited:

  • Insufficient cybersecurity investment in the EU: A 2020 study by ENISA found that EU organizations allocated 41% less to information security than US counterparts.
  • Unclear expectations from NISD: In the same study, 35% of the respondents applying NISD regulations reported unclear expectations. This led to an inconsistent application of the directive across EU states.
  • Rise in cyberattacks: The EU’s infrastructure has been increasingly affected by ransomware and other types of cyberattacks. Some infrastructures lacked even basic protections, such as segmentation at the IT/OT interface. Additionally, there was a perceived lack of transparency in the reporting of cyberattacks.

Management Accountability

NIS2 requires corporate management to oversee, approve, and be trained on the entity's cybersecurity measures and to address cyber risks.

Breaches may result in penalties for management, including being named personally liable and a temporary ban from management roles.

You must perform pen test assessments and evaluate your cyber security risks as part of your risk analysis. Our assessment shows organizations if their current security tools will prevent the latest ransomware attacks and zero-day strains. It will also show you if you can stop illegitimate encryption before significant damage occurs and whether your current solutions can isolate compromised users and devices.

Think you’re in compliance? Find out for sure…

Who Does NIS2 Affect?

More entities and sectors are required to enact stronger cybersecurity measures with NIS2. The Directive classifies entities into two categories: "important" and "essential." Both must meet specific requirements, but the distinction lies in supervisory measures and penalties.

NISD covered essential entities such as energy, transportation, banking, financial market infrastructure, health, drinking water supply and distribution, digital infrastructure, online marketplaces, online search engines, and cloud computing services.

NIS2 adds drinking and wastewater, manufacturers of pharmaceutical products/preparation, space infrastructure and services to the essential classification. The Directive also classifies food production, processing, and distribution, manufacturing of chemicals, medical devices, computers, electronics, optical products, electrical equipment, machinery and equipment, motor vehicles, and transport vehicles, heating, electricity market, oil storage, and waste management as important.

The original NIS Directive covered:

  • Healthcare
  • Digital service providers
  • Digital infrastructure
  • Banking & financial market infrastructure
  • Transport
  • Energy
  • Water supply

The NIS2 Directive now also includes:

  • Providers of public electronic communications networks or services
  • Digital services such as social networking platforms and data centers
  • Wastewater & waste management
  • Space & aerospace
  • Manufacturing of certain critical products (for example: pharmaceuticals, medical devices, and chemicals)
  • Food
  • Postal & courier services
  • Public administration

This covers selected national entities of any size and includes sub-contractors, infrastructure and service providers.

All 27 EU Member States are included in the NIS2 Directive. The regulations also apply to suppliers outside of the EU if they provide essential or important services to the EU.

The UK Government has confirmed that it is moving forward with plans to update the NIS regulations as they apply to the UK. While there has been alignment since the UK's exit from the EU, UK officials have confirmed that there will be differences going forward in the way that the cybersecurity of critical infrastructure is regulated.

NIS2 regulations make sense when you consider the ever-escalating cyberattacks against critical infrastructure entities.

Fortifying Europe's Critical Infrastructure

The Network and Information Systems Directive (NIS) marked a significant milestone in European cybersecurity by promoting a higher level of protection for essential services and digital infrastructure. It wasn’t enough. The ever-evolving threat landscape called for a comprehensive update, leading to NIS2.

What Does NIS2 Do?

The NIS2 Directive sets tighter cybersecurity obligations for information sharing, risk management, and reporting. The requirements cover incident response, supply chain security, encryption, and vulnerability disclosure, along with other provisions.


Elevated Cybersecurity

NIS2 improves cybersecurity requirements across the EU. Its provisions are designed to strengthen resilience and combat the growing menace of cyber threats.

Broader Scope

One of the central tenets of NIS2 is the expansion of its scope. More sectors and entities fall under the NIS2 purview, ensuring a more comprehensive approach to cybersecurity.

Uniform Implementation

NIS2 provides comprehensive guidelines for transposition into national law for consistency and streamlined cybersecurity regulations.

NIS2 Directive's primary objectives

Who Needs to Comply?

NIS2 classifies entities into two categories: “important” and “essential.” These categories share certain requirements but diverge in supervisory measures and penalties.

  • Essential Entities such as energy, transport, banking, health, digital infrastructure, and public administration, will be covered by the new security provisions. These entities are subject to immediate supervisory requirements, ensuring that critical infrastructure remains resilient.
  • Important Entities including postal services, food, manufacturing of medical devices, electronics, waste management, machinery, motor vehicles, chemicals, and digital providers are also protected under the legislation. Their supervision is ex-post, triggered by evidence of non-compliance.

All medium-sized and large companies in selected sectors fall under NIS2 legislation.

Non-EU entities

The directive also applies to certain entities that are not established in the EU but offer services within the EU. These entities are:

  • DNS service providers
  • TLD name registries
  • Entities providing domain name registration services
  • Cloud computing and data center service providers
  • Content delivery network providers
  • MSPs and MSSPs
  • Providers of online marketplaces, online search engines or social networking services platforms

Any such entity is required to establish a representative in one of the member states where it offers its services, and the entity will fall under the jurisdiction of that member state. If the entity fails to establish a representative, any member state in which the entity provides services may take legal action against the entity for the infringement of the directive.


Proactive, Not Reactive

According to lead MEP Bart Groothuis, “This is the best cyber security legislation this continent has yet seen, because it will transform Europe to handling cyber incidents pro-actively and service orientated.”

With our background in securing critical infrastructure and a focus on proactive containment, BullWall is your trusted partner in navigating NIS2 compliance. As the threat landscape evolves, we remain committed to providing cutting-edge cybersecurity solutions and expert guidance.


The Challenge of Compliance

While compliance is essential, it can be daunting. The hefty fines for non-compliance are even more daunting. NIS2 introduces stricter penalties, including fines of up to 10% of an entity's annual turnover. NIS2 calls for:

  • Administrative fines of up to €10,000,000 or at least 2% of the total annual worldwide turnover in the previous fiscal year of the company to which the essential entity belongs, whichever amount is higher, for essential entities.
  • Administrative fines of up to €7,000,000 or at least 1.4% of the total annual worldwide turnover in the previous fiscal year of the company to which the important entity belongs, whichever amount is higher, for important entities.


NIS2 at a Glance

  • All 27 EU Member States are included
  • Essential entities: fines up to €10,000,000 or at least 2% of the total annual worldwide turnover
  • Important entities: fines up to €7,000,000 or at least 1.4% of the total annual worldwide turnover
  • Boards of essential entities can be held personally liable

The Benefits of BullWall

The European Parliamentary Research Service briefing on NIS2 mentions ransomware as the leading threat in the report’s first paragraph. In addition to containing ransomware, BullWall integrates with all major SIEM and NAC solutions through a full-featured REST API with pre-configured scripts to further maximise your existing investment with integration to your existing security stack. These integrations allow us to send full breach details to your platform of choice to alert your Security Operations Center (SOC) or response team and initiate workflows as configured.

Streamline Reporting Obligations

"Affected companies have 24 hours from when they first become aware of an incident to submit an initial report, followed by a final report no later than one month later." BullWall Ransomware Containment offers automated compliance reporting for standards such as GDPR and NIST with 24×7 automated detection and response. BullWall Ransomware Containment helps automate risk management and mitigate and stop ransomware/encryption outbreaks and damage to data files.

BullWall Ransomware Containment Includes Response Plans to Ransomware Outbreaks

BullWall enables you to describe plans and scenarios for containment, reactions, and mitigations from a NIS2 perspective. BullWall conducts a full review of the response plan and risk during implementation and makes documentation accessible during an event.

BullWall Server Intrusion Protection Helps Enforce MFA on Critical Infrastructure

BullWall ensures MFA on every server login and RDP session, which is critical to avoid RDP hijacking and is often a requirement for cyber insurance coverage.

BullWall’s Danish roots and strong presence in Europe give us a deep understanding of the cybersecurity requirements of European organizations. Our solution is easy to install and integrate into your existing infrastructure, minimizing disruption to your operations. BullWall is the trusted partner you need as you prepare for NIS2 compliance. BullWall is dedicated to providing state-of-the-art cybersecurity solutions and expert guidance as the threat landscape continues to evolve.

Rapid Installation:

Our solution is easy to install and integrate into your existing infrastructure, minimizing disruption to your operations.

Proactive Containment:

BullWall's automated containment response acts swiftly in the event of an attack, reducing potential damage and ensuring compliance.

Real-time Monitoring:

We provide comprehensive visibility into your network, empowering you to meet NIS2's stringent requirements.

With BullWall, NIS2 compliance is a manageable task. Don't let timelines and fines weigh you down. Partner with us for a straightforward, efficient journey towards compliance.


The only solution of its kind

BullWall is designed to be easy to implement and operate, enabling organizations to respond quickly to an attack and reduce downtime. Entirely automated, the system requires no hands-on monitoring and can be integrated with your other security solutions.