NIS2 Consulting — European Directive Compliance

NIS2 has been in force since 2026. Fines can reach €10M or 2% of turnover. We help you comply without complications.

Evaluate my company View process
← Return to Cybersecurity Companies

Our NIS2 adaptation process

A clear and structured approach for your company to comply with the European directive without interrupting its activity.

NIS2 Scoping Assessment

We determine if your company is affected and what obligations it has.

Adaptation plan

We design the technical and organizational measures necessary to comply.

Implementation and monitoring

We deploy solutions and monitor ongoing compliance.

What does NIS2 require?

The NIS2 directive establishes specific obligations for essential and important businesses in the EU. Failure to comply may lead to severe sanctions and managerial liability.

  • Cybersecurity risk management with technical and organizational measures
  • Notification of incidents to the competent authority in a maximum of 24 hours
  • Supply chain security and evaluation of critical suppliers
  • Business continuity and disaster recovery plans

Complement your cybersecurity strategy

NIS2 compliance is not achieved with a single service. Our comprehensive approach covers all areas required by the directive.

  • SOC and 24/7 monitoring for incident detection and response
  • Firewalls and perimeter protection to secure your networks
  • Security audit to identify vulnerabilities and gaps
  • Cloud backups to ensure business continuity

Is your company ready for NIS2?

Request evaluation

NIS2 FAQ

Which companies are affected by the NIS2 directive?
NIS2 affects medium and large companies (more than 50 employees or more than 10M turnover) that operate in essential or important sectors: energy, transport, health, water, digital infrastructure, public administration, food, manufacturing, postal services, waste management, chemistry, space and digital service providers, among others.
What are the deadlines to comply with NIS2?
The NIS2 directive came into force at European level and Member States had to transpose it into national legislation by October 2024. In Spain, the transposition has been completed in 2025 and the obligations are enforceable from 2026. Affected companies must have implemented the required measures or face possible sanctions.
What sanctions does NIS2 contemplate for non-compliance?
For essential entities, fines can reach €10 million or 2% of global annual turnover (whichever is greater). For important entities, up to 7 million euros or 1.4% of turnover. Furthermore, the directive introduces personal liability for company managers in case of negligence.
What technical measures should I implement to comply?
NIS2 requires measures such as risk analysis, information security policies, incident management with 24-hour notification, business continuity plans, supply chain security, cybersecurity training, encryption and access control, and procedures for evaluating the effectiveness of these measures.

Evaluate if NIS2 affects your company

Tell us your sector and size and we will tell you what obligations you have.

Phone 665 87 93 46
Hours Monday to Friday: 8:00 - 20:00
We call you!
Shall we call you?

Leave your phone number and we'll contact you within 1 hour.

By submitting you accept our privacy policy.