The Directive on security of Network and Information Systems (NIS Directive) is cybersecurity legislation passed by the European Union (EU) on 6 July 2016.

Its aim is to achieve a high common standard of network and information security across all EU Member States. The Directive was drafted to ensure that ‘operators of essential services’ making significant use of IT – in fields such as energy, transport and healthcare – can continue to operate if a cyber-attack occurs.

The NIS sets out a range of network and information security requirements that apply to operators of essential services and digital service providers (DSPs). Identified operators of essential services will have to take appropriate security measures and to notify serious cyber-incidents to the relevant national authority.

Discover our security trainings!

Contact our specialists for tailored advice.


Back to overview