Navigating cybersecurity compliance

Our country-by-country guide to the EU NIS2 Directive

The NIS2 Directive, also known as the new version of the Network and Information Security Directive, is a European directive aimed at strengthening cybersecurity across the European Union (EU). The directive is designed to help organizations protect themselves against cyber threats and to ensure that the EU’s critical infrastructure is more secure and robust.

EU member states must implement the NIS2 into national law by 17 October 2024 – setting a new standard in light of its extraterritorial reach and personal liability of management bodies.

In this guide, we take you through the current implementation status for each member state and what you should be on the lookout for.

NIS2 implementation across EU member states

Click on the countries below to view the local implementation status.

Key:

No draft law yet

Draft law published

Law released

Austria
Belgium
Bulgaria
Croatia
Cyprus
Czech Republic
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden

Other Resources

Eversheds Sutherland NIS2 Directive hub

Visit webpage

Whitepaper: Everything you need to know about the NIS2 Directive

Read the whitepaper

Webinar: One year to go until the EU NIS2 Directive

Watch the webinar

Article: Focus on the NIS2 directive

Read the summary briefing

For further guidance on implementing NIS2, please get in touch with your local contact or:

Nils Müller Partner Data Privacy, Cybersecurity & Technology

T: +49 8 95 45 65 19 4 E: nilsmueller@eversheds-sutherland.com

Olaf Van Haperen Partner Data Privacy, Cybersecurity & Technology

T: +31 1 02 48 80 58 E: olafvanhaperen@eversheds-sutherland.com

Click on the button below to view and connect with our list our of NIS2 European contacts.

View EU contacts list

© Eversheds Sutherland. All rights reserved. Eversheds Sutherland is a global provider of legal and other services operating through various separate and distinct legal entities. Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client.

Share this page