a blue and orange gradient

DSwiss in the media: NIS 2 in practice: What it delivers, and where gaps remain

Updated on 

23.12.2025

The European Union’s updated Network and Information Security Directive (NIS 2) aims to elevate cybersecurity across critical sectors by introducing clear responsibilities, faster incident reporting, and a stronger focus on supply-chain risk management. The directive’s intent is to make cybersecurity a strategic priority for organisations across the EU, embedding it into boardroom discussions and risk frameworks.

One of the most notable changes under NIS 2 is the tightening of incident reporting requirements. Organisations must now notify authorities within 24 hours of becoming aware of a serious incident, provide detailed updates within 72 hours, and submit a full report within a month. This structured timeline brings greater transparency and urgency to cyber incident management.

Another key element of NIS 2 is the emphasis on supply-chain security. Businesses are expected to assess and manage cybersecurity risks not only within their own operations but also across their supplier and vendor ecosystem. This broadens accountability and makes risk-based decision-making paramount.

However, despite these advances, implementation challenges remain. The directive sets minimum requirements, but common EU-wide standards, shared reporting templates, and interoperable systems are still lacking. Because each member state currently interprets and applies NIS 2 differently – from definitions and deadlines to reporting formats – organisations operating internationally face potential duplication of effort and increased compliance complexity.

Experts and practitioners stress the importance of developing harmonised incident taxonomies, central reporting frameworks, and aligned interfaces with other EU regulations such as GDPR and DORA. Such standardisation would reduce friction, improve comparability of data across borders, and help organisations move beyond compliance toward measurable cybersecurity resilience.

👉 Read the full article on Security-Insider:
https://www.security-insider.de/nis2-eu-standards-meldeprozesse-lieferkette-a-f6ea51861527cb7f1785eca4b50787a3/

Published on: security-insider.de

Author: Antonio Mecci

Ready to revolutionize your Processes?

  • list icon
    Highest quality & safety standards
  • list icon
    GDPR-compliant
  • list icon
    Developed & hosted in Switzerland
Discover our ePapers

This may also interest you

DSwiss in the media: Multi-cloud: Enabling digital control for banks

DSwiss in the media: Multi-cloud: Enabling digital control for banks

16.12.2025

Read article
National Future Day at DSwiss: Sparking curiosity, one circuit at a time

National Future Day at DSwiss: Sparking curiosity, one circuit at a time

24.11.2025

Read article
DSwiss in the media: Cybersecurity needs common standards

DSwiss in the media: Cybersecurity needs common standards

17.11.2025

Read article

Ready to Revolutionize your Document Handling?

  • list icon
    Highest quality & safety standards
  • list icon
    GDPR-compliant
  • list icon
    Developed & hosted in Switzerland
Book a Demo-Call
Contact Us

Ready to Revolutionize your Document Handling?

author avatar
João Salvado
People Operations

This is the default text value

Book a Demo-Call
EN
DE
FR
IT
© 2025 DSwiss. All rights reserved.