Translations:Network and Information Security Directive (NIS2-RL)/4/en

For both, the higher amount applies. |- | Containment of threats in key sectors (Recital 1 NIS2 Directive) | Must be implemented by Member States by 17 October 2024 (not yet done) | Obligations regarding cybersecurity risk management (Art. 20 et seq. NIS2 Directive) and reporting obligations (Art. 23 NIS2 Directive) for affected entities | Confidentiality clauses | Official instructions and orders. Suspension of operations can also be ordered (Art. 32 NIS2 Directive) |- | | | Rules and obligations on the exchange of cybersecurity information (Art. 29 et seq. NIS2 Directive) | | Management bodies may be held personally liable (Art. 20 NIS2 Directive) |}