NIS2 Scope Decoded: Which SMEs Fall Under the Directive — and What It Means for Your Business
Gennemgået af: Redaktionel gennemgang af Viktoria Compliance
Senest gennemgået: February 28, 2026
Kilder: EUR-Lex, ENISA, EDPB, nationale tilsynsmyndigheder og officielle EU-retningslinjer, hvor det er relevant.
Rettelsespolitik: Send rettelser til info@viktoria-compliance.eu.
The NIS2 Directive dramatically expanded the scope of EU cybersecurity obligations. This guide clarifies which organisations are in scope and what you need to implement before your national transposition deadline.
Tjek din compliance-parathed
Gennemfør vores gratis vurdering af parathed til GDPR, NIS2 og AI-forordningen og få personlige anbefalinger på få minutter.
Start gratis vurderingEU Compliance Weekly
Get the latest regulatory updates, compliance tips, and enforcement news delivered to your inbox every week.
Relaterede artikler
NIS2 Transposition in 2026: Where Every EU Member State Stands (and What It Means for Cross-Border Business)
The 17 October 2024 NIS2 transposition deadline passed with most EU Member States missing it. As of May 2026, 22 of 27 Member States have adopted transposing legislation but five (France, Ireland, Luxembourg, Netherlands, Spain) are still in legislative procedure. Here is the verified status tracker, with primary sources, and what it means for your organisation.
NIS2 Risk Assessment: A Structured Framework to Identify and Prioritise Your Cyber Gaps
NIS2 Article 21 mandates comprehensive cybersecurity risk management. This guide provides a structured six-step methodology aligned with ISO 27005 and ENISA guidance.