From 1 January 2025, the NIS2 directive will take effect in Sweden (Swedish Cybersecurity Act). Strengthen your cybersecurity readiness with a NIS2 gap analysis to face the stricter regulations and requirements of NIS2 confidently. With our experienced cybersecurity lawyers, you can rest assured that you will get relevant advice and the overview you need to craft a cybersecurity strategy. The rapid evolution of technology and its adoption has placed immense pressure on businesses to remain compliant with ever-changing regulations. The revised Network and Information Security Directive (NIS2) sets the benchmark for cybersecurity standards within the EU.
We offer a standardised process and legal advice, delivered in two phases that can be purchased separately or combined.
With a blend of deep legal knowledge and practical business insights, we guide organizations to integrate NIS2 requirements seamlessly.
NIS2 is an EU directive coming into effect in October 2024 setting baseline requirements for network and information system security. New enforcement requirements are introduced, along with heavy fines and personal liability for management in case of non-compliance. NIS2 expands the cybersecurity requirements and sanctions across the EU, introducing stricter requirements for certain sectors.
NIS2 will take effect in Sweden on 1 January 2025 through the Swedish Cybersecurity Act.
The NIS2 gap analysis answers to what extent your organisation is affected by the regulation. Previously, providers of (A) socially important services (i.e. energy, transport, banking, financial market infrastructure, healthcare, supply and distribution of drinking water and digital infrastructure) and providers of (B) digital services (internet-based marketplaces, internet-based search engines or cloud services) were covered. The NIS2 Directive expands the sectors of actors that are impacted to include:
Even with state-of-the-art cybersecurity measures, vulnerabilities can exist. NIS2 aims to standardize and elevate cybersecurity practices across the EU. How prepared is your organization to adapt and excel? Let us perform a NIS2 gap analysis or provide you with a second opinion of your current status and maturity.
NIS2 introduces personal liability (fines) and personal criminal liability (penalties) for individuals at the board level or in a managerial position if they fail to comply with their NIS2 obligations. Under NIS2, management bodies would be considered those individual senior managers who (a) are responsible or act as a representative for the entity covered under NIS2, (b) have the authority to make decisions on the legal entity’s behalf and/or (c) have the authority to exercise control over the legal entity.
In certain instances, the enforcement authorities may impose temporary prohibitions on the management, including the chief executive officer and legal representatives, from executing managerial functions.
Sanctions include GDPR-like fines based on global turnover. For an essential entity, the penalties are higher: the highest of a minimum of 10 million EUR or 2% of global turnover. For an important entity, fines are in the lower tier: a minimum of 7 million EUR or 1.4% of turnover.
Strategically position your business for success in the face of evolving regulations:
First, we start with an initial workshop with you and Sharp Cookie Advisors. Our team prepares materials relevant to your organisation.
Second, we perform a high-level analysis of your business. The result of the workshop and of our analysis is a documentation of the impact of NIS2 on your organisation and business.
This first phase is offered to clients in a price range of SEK 20 000 (excluding VAT). All prices are estimates and will be confirmed in writing upon your request.
First, we start with a workshop where we map the main requirements together: IT security readiness, management of cybersecurity incidents, and an overview of core suppliers. An outcome of the workshop is to set the conditions of the continued review and analysis.
Second, we produce a high-level report of the perceived compliance gaps against NIS2 and relevant legislation. The gap analysis will provide an outline of the status of NIS2 readiness in the main areas of your organisation, with suggestions for prioritisation and business impact assessments. You will be provided with an outline of an action plan to mitigate the potential gaps.
Third, the report and action plan will be presented in an executive version, which our seasoned experts will be available to present to your management.
This second phase is offered to clients in a price range of SEK 45 000 - 90 000 (excluding VAT). All prices are estimates and will be confirmed in writing upon your request.
Every organization is unique, and our service offerings reflect this. While our standard engagement operates on an hourly basis, we offer volume-driven pricing and extended engagement retainers tailored to fit your specific requirements.
Begin a partnership that prioritizes your business's regulatory compliance and overall success in the digital realm. In our introductory consultation, we'll build a thorough understanding of the nuances of your operations and chart out the optimal path for NIS2 compliance. Equip your business with the strategic advantage of being NIS2-ready with the help of Sharp Cookie Advisors.
Contact us to get your complimentary NIS2 checklist and self-assessment today.