NIS2 Consulting — European Directive Compliance

NIS2 has been in force since 2026. Fines can reach €10M or 2% of turnover. We help you comply without complications.

Evaluate my company View process
← Back to Business Cybersecurity

Our NIS2 compliance process

A clear and structured approach so your business complies with the European directive without disrupting its operations.

NIS2 scope assessment

We determine whether your company is affected and what obligations it has.

Adaptation plan

We design the necessary technical and organizational measures to comply.

Implementation and monitoring

We deploy the solutions and monitor ongoing compliance.

What does NIS2 require?

The NIS2 directive establishes concrete obligations for essential and important entities in the EU. Non-compliance can lead to severe penalties and personal liability for directors.

  • Cybersecurity risk management with technical and organizational measures
  • Incident notification to the competent authority within a maximum of 24 hours
  • Supply chain security and critical supplier assessment
  • Business continuity and disaster recovery plans

Complement your cybersecurity strategy

NIS2 compliance cannot be achieved with a single service. Our comprehensive approach covers all areas required by the directive.

  • SOC and 24/7 monitoring for incident detection and response
  • Firewalls and perimeter protection to secure your networks
  • Security audit to identify vulnerabilities and breaches
  • Cloud backup to ensure business continuity

Is your business prepared for NIS2?

Request assessment

Frequently asked questions about NIS2

Which companies does the NIS2 directive affect?
NIS2 affects medium and large companies (more than 50 employees or more than 10M in revenue) operating in essential or important sectors: energy, transport, health, water, digital infrastructure, public administration, food, manufacturing, postal services, waste management, chemicals, space and digital service providers, among others.
What are the deadlines for NIS2 compliance?
The NIS2 directive entered into force at the European level and member states were required to transpose it into national legislation before October 2024. In Spain, the transposition was completed in 2025 and obligations are enforceable from 2026. Affected companies must have implemented the required measures or face potential penalties.
What penalties does NIS2 impose for non-compliance?
For essential entities, fines can reach 10 million euros or 2% of annual global turnover (whichever is greater). For important entities, up to 7 million euros or 1.4% of turnover. Additionally, the directive introduces personal liability for company directors in cases of negligence.
What technical measures must I implement to comply?
NIS2 requires measures such as risk analysis, information security policies, incident management with 24-hour notification, business continuity plans, supply chain security, cybersecurity training, encryption and access control, and procedures to evaluate the effectiveness of these measures.

Assess whether NIS2 affects your business

Tell us your sector and size and we'll tell you what your obligations are.

Phone 665 87 93 46
Hours Monday to Friday: 8:00 - 20:00
We call you!
Shall we call you?

Leave your phone number and we'll contact you within 1 hour.

Al enviar aceptas nuestra política de privacidad.