MEIDIT
Solving IT challenges together!

What is the NIS2 directive?

NIS2 (Network and Information Systems Directive 2) is a European Union directive that sets stricter cybersecurity requirements for public and private organizations. It took effect on 16 January 2023, and Member States must transpose it into national law by 17 October 2024.

NIS2 replaces the earlier NIS directive (2016) and aims to:

  • strengthen organizations' resilience to cyber threats;
  • ensure fast detection of and response to incidents;
  • improve cross-sector cooperation across the EU;
  • expand the list of sectors to which requirements apply.

Who does NIS2 apply to?

NIS2 requirements apply to:

  • medium and large companies in important sectors (energy, transport, healthcare, finance, water, etc.);
  • organizations providing digital services (cloud computing, data storage, email services, managed IT service providers, etc.);
  • companies maintaining IT infrastructure – even as subcontractors or under white label partnerships.

Not applicable to micro-enterprises (up to 10 employees and < €2m turnover), unless they operate in very critical areas.

What are the key requirements?

Organizations must:

  • implement cybersecurity risk management measures;
  • have effective incident detection, prevention and response;
  • appoint a responsible person for cybersecurity;
  • follow accountability – report serious incidents within 24 hours;
  • be prepared for audits and random inspections.

Where and how to report incidents?

Report significant cybersecurity incidents to the National Cyber Security Centre (NKSC) under the Ministry of National Defence.

Reporting procedure:

  • Within 24 hours – submit an initial notification (early warning).
  • Within 72 hours – submit a more detailed report with context, impact and temporary solutions.
  • Within 1 month – submit a final report with technical details and long-term measures.

Contacts

Email: cert@nksc.lt
More information: www.nksc.lt

Why is it important?

NIS2 is not just regulation, but a guarantee of business continuity. Proper preparation:

  • reduces the risk of data loss or operational disruptions;
  • helps avoid fines (up to €10m or 2% of annual turnover);
  • strengthens trust among clients and partners;
  • opens opportunities to work with larger organizations that already require NIS2 compliance.

Need help preparing for NIS2?

MB "Meidit" can help your company implement the requirements – from infrastructure audit to deployment of preventive measures. Contact us – we'll make NIS2 compliance not a burden but a competitive advantage.

Request a consultation