Private Sector

The NIS2 Directive sets out requirements for cybersecurity risk management measures in 18 critical sectors, such as digital infrastructures, energy, transport or health, which have to be transposed into national law. For the NIS2 Digital Infrastructure and the ICT service management sectors these cybersecurity requirements are further elaborated at EU level, by the Commission Implementing regulation 2024/2690 of 17 October 2024.