NIS2 Directive

The NIS2 Directive (Directive (EU) 2022/2555) is the EU's main cybersecurity legislation. It expands the scope of NIS1 to cover 18 critical and important sectors, introduces stricter risk-management duties under Article 21, and adds supply-chain due-diligence and incident-reporting requirements.