NIS2 Reference Information

NIS2 Directive Information

• SI. 360 of 2018: Transposition of NIS1 Directive into Irish law
• Directive (EU) 2022/2555: NIS2 Directive
• General Scheme for the National Cyber Security Bill 2024: The draft heads of bill to transpose NIS2 Directive into Irish law published by Government
• Commission Implementing Regulation (EU) 2024/2690: Outlines risk management measures and criteria in relation to significant incidents for certain sectors and subsectors
• Commission Recommendation 2003/361/EC: Commission recommendation concerning the definition of enterprise size which inputs into whether an entity is in scope for NIS2
• Commission’s user guide to the SME definition: provides general guidelines on definition of SME enterprise size which inputs into whether an entity is in scope for NIS2

NCSC

• NCSC: NCSC website for general information
• NCSC NIS2: NCSC NIS2 website
• Am I in Scope: NCSC tool which will help entities understand if they are in scope for NIS2
• NIS2 Quick Reference Guide: NCSC document providing high level information on NIS2
• NIS2 FAQ: NCSC FAQs on NIS2
• NIS2 Risk Management Measures Guidance: provides guidance on measures and granular actions under NIS2 for entities to improve their cybersecurity posture
• CyFun FAQ: NCSC FAQs on Cyber Fundamentals Framework

ENISA

• ENISA NIS Directive 2: ENISA NIS2 website
• ENISA 2024 Report on the State of the Cybersecurity in the Union: ENISA Report
• ENISA NIS2 Technical Implementation Guidance: offers practical advice to help entities implement the Commission Implementing Regulations (EU) 2024/2690