August 2025 - The NIS 2 Directive is the European Union’s cybersecurity framework that requires considerable efforts by companies in sectors like energy, transportation, life sciences and digital infrastructure to establish the required compliance. The directive mandates that the companies within the scope of NIS 2 implement a large number of technical and organizational measures to manage cybersecurity risks and puts cybersecurity as a top management responsibility.
EU Member States must transpose the NIS 2 Directive into their national acts of law. Although a number Member States are delayed in this legislative process, other jurisdictions are already well past requiring registration and implementation of cybersecurity risk management. Regional businesses must set up their cybersecurity management governance in a way that is in line with best practices, but also takes note of the local specifics.
With trusted partnerships across the EU, Kinstellar supports clients in navigating NIS 2 implementation across multiple jurisdictions. Our support includes:
- Assessing whether and to what extent NIS 2 applies to your organization.
- Supporting self-registration where required by national law.
- Providing clear, actionable guidance on legal obligations.
- Reviewing internal policies and procedures for compliance.
- Advising on legal aspects of cybersecurity incident management.
- Guiding supply chain security and service agreement compliance.
Reach out to Kinstellar for expert guidance on NIS 2 obligations and implementation strategies.