Directive (EU) 2022/2555, the NIS2 Directive, is the EU expanded cybersecurity baseline. It significantly broadens scope versus NIS1, imposes management body accountability, and mandates 24-hour early-warning incident reporting.
Essential and Important entities across 18 sectors including energy, transport, banking, financial market infrastructures, health, drinking and waste water, digital infrastructure, ICT service management, public administration, space, postal services, waste management, chemicals, food, manufacturing, digital providers and research.
Critical and important EU entities in covered sectors — plus their cloud and managed service providers. National transposition laws across EU member states extend obligations to specific national risk categories.
Every EU NIS2 Directive requirement mapped to the Cloudgenics technical controls that satisfy it, with traceability.
Telemetry, configuration scans and audit logs streaming into a tamper-evident evidence store with retention aligned to the framework.
Standardised auditor walkthrough materials — diagrams, run-books and policy templates — that fast-track the assessment.