
Ireland's NIS2 Law Is Coming: What EU Suppliers Need to Know
Ireland's National Cyber Security Bill will pull its data-hub economy into NIS2 scope. What MSPs and suppliers should do before the law goes live.
The latest insights on NIS2 compliance and cybersecurity.

Ireland's National Cyber Security Bill will pull its data-hub economy into NIS2 scope. What MSPs and suppliers should do before the law goes live.

Manufacturing is in scope for NIS2 — and the IT/OT boundary is where audits fail. A practical guide to segmentation, OT incident reporting, and the June 2026 deadline.

ENISA's EUVD is live and the September 2026 manufacturer reporting deadline is real. Here's how consultants and MSPs operationalise NIS2 coordinated vulnerability disclosure.

Hospitals are essential entities under NIS2 with the strictest oversight. Here is what MSPs and consultants must deliver for healthcare clients.

Article 21(2)(f) is the NIS2 audit loop that proves your controls actually work. Here's how MSPs and vCISOs operationalise it before an auditor does.

CIR 2024/2690 turns NIS2 business continuity into 20+ evidenced requirements. What auditors check in 2026 — and where clients fall short.

NIS2 Article 21 names MFA, but ENISA now sets the bar at phishing-resistant. What MSPs and consultants must deploy and document.

Austria's NISG 2026 takes effect 1 October 2026, raising in-scope firms from 100 to 4,000. Registration closes 31 December. What consultants must do now.

The EU has referred France and Spain to the Court of Justice over NIS2. Here's what the referral means for suppliers and MSPs — and what to do this week.

On 30 June 2026, essential entities must have completed their first NIS2 compliance audit. Here is exactly what consultants and MSPs need to evidence before the deadline.

The European Commission proposed targeted NIS2 amendments in January 2026. Here's what IT consultants and MSPs need to know about ransomware reporting, scope changes, and certification pathways.

On May 26, 2026, the EU's NIS2 Cooperation Group adopted common incident reporting templates. Here's what that means for IT consultants and MSPs managing compliance for European organisations.

France's NIS2 transposition law is expected July 2026, and ANSSI's 152-measure ReCyF framework is already live. Here's what IT consultants and MSPs serving French clients need to act on now.

Italy's NIS2 authority ACN has opened the categorization portal. Every registered NIS entity must submit by June 30, 2026 — and what they file now determines their security obligations come October.
Belgium became the first EU member state to enforce a hard NIS2 conformity assessment deadline. Here is what the CyFun framework means for MSPs and IT consultants serving Belgian clients.

The Dutch parliament approved the Cyberbeveiligingswet (Cbw) on 15 April 2026. Enforcement follows within weeks of entry into force. Here's what organisations in the Netherlands need to do now.
These 10 questions from our NIS2 compliance assessment reveal the gaps that catch even well-prepared organisations off guard. Test yourself — if you hesitate on more than three, you have work to do.
Poland enacted its NIS2 law in March 2026. Registration deadline: 3 October 2026. Here's what it means for EU suppliers and supply chains.
NIS2 Article 21(2)(d) requires cybersecurity clauses in supplier contracts. Learn what must be included and how it affects SMEs in the supply chain.
Portugal's NIS2 law took effect on 3 April 2026. Decreto-Lei 125/2025 is live. Here's what EU suppliers to Portuguese entities need to know now.
Germany's BSI registration deadline passed on 6 March 2026. Around 18,000 companies failed to register. Here's what happened and what it means for your business.
Learn how to run a NIS2 gap analysis against Article 21. Identify compliance gaps, prioritise actions, and prepare before enforcement begins.
NIS2 fines reach €10M or 2% of global turnover. Learn what board members risk, which measures are mandatory, and how to prepare before enforcement starts.
NIS2 fines get the headlines. But management bans, public naming, and suspended operations can hurt your business far more. Here are the 7 penalties you need to know.
If your organisation operates in the financial sector, you may face two overlapping EU regulations: NIS2 and DORA. They share common ground but serve different purposes. Here is how they compare — and what you need to do.
Managed service providers fall under NIS2 directly — AND face new requirements from their customers. This creates a unique challenge, but also a massive business opportunity. Here is how to turn NIS2 from a compliance burden into a revenue stream.
When a significant cybersecurity incident hits, NIS2 gives you just 24 hours to file your first report. Miss the deadline and you face additional penalties. Here is exactly what you need to report, when, and to whom.
NIS2 doesn't just regulate the organisations in scope — it reshapes the entire supply chain. If you're a supplier, MSP, or software vendor to a NIS2 entity, expect new cybersecurity requirements. Here is what you need to know.
Article 21 of the NIS2 Directive lists ten cybersecurity measures every covered organisation must implement. This guide explains each one in plain language — with practical examples of what "good" looks like.
The NIS2 transposition deadline was October 2024, but implementation varies wildly across the EU. Some countries are fully enforcing the law. Others haven't even finished drafting it. Here is the current status per country.
If your organisation already has ISO 27001 certification, you have a solid foundation for NIS2 compliance. But ISO 27001 alone is not enough. Here is exactly where the gaps are — and how to close them.
Under NIS2, board members are personally liable for cybersecurity failures. This is not a theoretical risk — it is written into EU law. Here is what that means for you as a director.
One of the most common questions about NIS2 is: does it actually apply to me? The answer depends on two factors — your organisation's size and the sector you operate in. Here is how to find out.
The NIS2 Directive is the EU's most ambitious cybersecurity law to date. It applies to thousands of organisations across 18 sectors. Here is what it means for your business — and what you need to do.