Back to blog

NIS 2 cyber directive - The phases of NIS 2 implementation

Oct 01, 2023

Martin Hald


1. Understanding Phase


To fully grasp the scope and range of an organization's assets, potential threats, and their classification under NIS2.

Asset Mapping: 

All organizational assets, both physical and digital, should be catalogued. This allows for better threat modelling and risk assessment.

Risk Assessment: 

Comprehensive evaluations are vital to understanding possible vulnerabilities, threats, and their associated risks.


Identify where your organization stands within the sectors covered by NIS2. This provides a clear lens on the specific obligations and requirements.

2. Planning Phase


To create structured security policies, allocate resources, and establish an incident response plan.

Security Policies and Procedures: 

It's essential to draft security policies and procedures tailored to the organization's size, type, and risks. These documents act as the foundation for cybersecurity operations.

Incident Response Plan: 

In case of a security breach, having a predefined set of actions ensures a timely and appropriate response, minimizing potential damages.

Resource Allocation: 

Dedicate necessary technological and human resources to ensure compliance and enhance security measures.

3. Implementation Phase


To set the stage for compliance by integrating technical solutions, training stakeholders, and developing robust reporting mechanisms.

Technical Measures: 

Integrate crucial technological tools like firewalls, intrusion detection systems, and other cybersecurity solutions.

Training and Education: 

Regular training sessions keep stakeholders informed of the latest security policies and best practices.

Reporting Mechanisms: 

These systems ensure that any security breaches are reported within the stipulated timeframe.

4. Monitoring Phase


To continually observe and review the organization's security posture and its adherence to the NIS2 directive.

Ongoing Risk Assessment: 

The cyber landscape is continuously evolving, making regular risk assessments crucial.

Incident Monitoring: 

Surveillance systems should always be active, scanning for potential security breaches or threats.


Regular internal and external reviews are essential for identifying potential weaknesses or non-compliance areas.

5. Improvement Phase


To refine and optimize security measures based on feedback and monitoring outcomes.

Feedback Mechanisms: 

Channels should be established for stakeholders to provide insights and critiques about security measures.

Policy Updates: 

Revise security policies and procedures based on real-time insights and feedback.

Education Refresh: 

When policies are updated, stakeholders must be re-trained to accommodate the changes.

6. Reporting and Collaboration


To foster a transparent communication channel with national supervisory authorities and ensure timely reporting.

Timely Reporting: 

All security breaches should be reported promptly in line with NIS2’s requirements.

Collaboration with Authorities: 

Establishing transparent communication with national supervisory bodies enhances compliance and facilitates assistance when required.

Regular Updates: 

Keep these authorities updated on your organization's security postures and measures.


Complying with NIS2 doesn't only fulfil a regulatory requirement but also fortifies an organization against potential cyber threats. Following a structured framework and monitoring checklist, as outlined in this whitepaper, provides a roadmap for effective compliance.

This blog post serves as a foundational guide. Depending on the organization’s size, type, or sector, additional tailoring and expert consultation might be required to ensure complete compliance.