Get NIS2-ready with Tresorit. Meet the highest security standards. Learn more

Get ready for the NIS2 Directive with an end-to-end encrypted platform

Tresorit helps businesses take a shortcut to NIS2 readiness. Our content collaboration platform – purpose-built for cybersecurity and user-friendliness – supports your risk mitigation approach to NIS2 by ticking the most critical boxes.
Try for free
14 days without limitations
Schenker
Toyota
Deutsches Rotes Kreuz
Konica Minolta
NotCo
Trade Republic
Northwave
Webinar recording

Is your organization ready for NIS2?

Is the upcoming NIS2 directive a concern for you? In this webinar recording, our experts discuss the key requirements and provide practical implementation tips.

Learn about:

  • Affected sectors and core NIS2 requirements
  • How to strengthen your cybersecurity
  • Preparing for audits and reporting

NIS2 is the order of the day - prepare for it

Recommendations in cybersecurity are no longer enough – actions are needed. This is where the European Cybersecurity Directive NIS2 will make a difference. Businesses must take concrete steps by October 2024. Otherwise, they risk costly ramifications and even serious sanctions for senior executives.

Connected digital processes, rampant cyber attacks, and a growing hybrid workforce – are just a few symptoms of our highly tech-reliant business world. The impact of security breaches on critical infrastructures can extend beyond business losses, putting the economy and society at risk.

  • 2025

    by January, entities must submit first reports about their NIS2 measures to the national authorities.

  • 2024

    by October, Member States have to transpose NIS2 into their national laws.

Effectively stand up to the rigor of NIS2

We believe that compliance doesn’t have to be restrictive and cumbersome. That’s why we build our products with compliance & people in mind. So you can naturally transform your organizations’ way of working – fostering cybersecurity and productivity as a result.  
  • The NIS2 (Network and Information Systems) Directive marks the European Union’s aim to strengthen the cyber resilience of a highly digital and risk-exposed economy and society. Compared to its predecessor NIS1, the new direcive introduces stricter cyber security measures for a broader number of sectors, deemed as critical for businesses’ and citizens’ everyday life.
  • The directive applies to a range of entities operating in 11 essential and 7 important sectors. Company size and turnover are the rule of thumb for deciding which company falls under the directive.
    Both entity groups must fulfill the same requirements. However, essential entities considered critical for the society’s functioning, will be proactively supervised. Whereas, important entities will undergo scrutiny only after a non-compliance is reported.
  • Entities must take the following measures (Art 21) to protect their network, information systems, and physical environment from incidents:
    • Risk analysis & information system security
    • Incident handling
    • Business continuity measures
    • Supply chain security
    • Security in system acquisition, development & maintenance
    • Policies and procedure to assess the effectiveness of cybersecurity risk management measures
    • Basic cyber hygiene practices and cybersecurity training
    • Policies and procedures on the use of cryptography and encryption
    • Human resources security, access control policies and asset management
    • Use of multi-factor authentication, secured voice/video/text communication and secured emergency communication
  • NIS2 defines stricter fines for non-compliance and personal accountability on senior management level:
    • For essential entities: administrative fines of up to 10 million euros or 2% of the total annual global revenue in the previous fiscal year, whichever amount is higher.
    • For important entities: administrative fines of up to €7 million or 1.4% of the total annual global turnover in the previous fiscal year, whichever is higher.
  • NIS2 places a great emphasis on cloud security. The new directive has not just been extended to cloud providers, but also reinforces the reliance on secure cloud solutions by adding supply chain security as a new requirement.
    In addition, NIS2 mandates that security should be a priority whenever a new system is deployed, developed, or maintained. No wonder that cloud security is embedded manifold in the NIS2 lingo. Multi-purpose cloud platforms secured by state-of-the art cryptography can help you fulfill many of the NIS2 requirements.
  • Both legislative frameworks have been established by the EU to enhance cybersecurity and operational resilience.
    While NIS2 applies to a broader industry spectrum, DORA (Digital Operational Resilience Act) focuses specifically on the financial sector. NIS2 is a directive, whereas DORA is a regulation. NIS2 sets a course with the obligation for the EU Member States to transpose it into their national law. DORA is a binding legislation for all Member States after its entry into effect in January 2025.
  • Here are the key preparation steps that help you set up your organization for NIS2 compliance success:
    • Understand the scope and requirements of NIS2
    • Identify your organization’s gaps in the context of NIS2
    • Establish a holistic cybersecurity framework to close the gaps
    • Implement the legal, technical, and organizational measures
    • Design regular audit practices to ensure the effectiveness of your NIS2 strategy

The NIS2 Directive, in a nutshell

Full name: “Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS2 Directive).”

Tresorit supports service providers on their NIS2 journey and beyond

Easily implement the NIS2 cybersecurity standards across your content workflows

Other NIS2 industry groups can also rely on Tresorit

Essential Entities*

Water Supllies

Digital infrastructure

Transport

Energy

Public sector

Space travel

Electronic communication

Waste water

IMPORTANT Entities*

Digital service providers

Producing of chemicals

Postal and courier companies

Waste management

Food

Digital services and data center

Research

Manufacturing

*Essential entities include the original NIS1 critical infrastructures, along with new sectors added under NIS2. As a new category introduced in NIS2, important entities cover a wider but less critical range of sectors. Company size and turnover play also a role when determining if your organization is impacted by NIS2.

One platform, multiple benefits

Automatic end-to-end encryption & zero-knowledge

that your employees, clients, and partners cannot bypass - bad actors will never be able to exploit.

One platform for secure storing, sharing & signing

that have been built for securing your entire document management lifecycle - without risky system switches.

Utmost security for external & internal file sharing

that helps you facilitate risk-free collaboration across your supply chain, client base, and entire organization.

A platform designed for compliance

that has proven to be the perfect choice for the strictest regulatory requirements - GDPR, HIPAA, TISAX, FINRA, including NIS2 & DORA.

Intuitive interface & integrations

that naturally adapt to your work style while supporting secure work habits - whenever you touch on a sensitive document.

Strong access & sharing controls at your fingertips

that empower you to regain control over your data flow, supervise who and when can access your content, and detect suspicious events in-time.

TÜV Rheinland
CCPA Ready
GDPR Compliant Technology
HIPAA Compliant
Common Criteria

How can Tresorit help you meet the NIS2 requirements?

  • NIS2 article 21, (2)h

    Ensure automatic encryption for all your collaboration

    Implement strong encryption in seconds. Enforce its use without hassles. Built-in encryption offers you the shortcut to genuine security habits. Tresorit’s zero-knowledge end-to-end encryption makes it impossible for unauthorized parties to access your internal and external communications.

  • NIS2 article 21 (2)e

    Encrypt the channels of your vulnerability disclosure

    Prevent your vulnerability analysis from falling into the wrong hands. Tresorit ensures that detected security flaws will stay between you and your trusted partners.

  • NIS2 article 21, (2)h

    Fortify your supply chain’s security posture

    Tresorit ensures risk-free collaboration across you supply chain. Ensure business secrecy, seamless information sharing, and integrated document signing via Tresorit’s secure data rooms. Use email encryption and hit the button with full peace of mind.

  • NIS2 article 21,(2)i

    Automate & enforce strong access control policies

    Keep the information exchange inside and outside of your company in check, with granular security controls, watermarks, and audit logs. Enforce 2FA, supervise, and analyze how people interact with your content – from sharing to requesting files, from data room collaboration to signing.

  • NIS2 article 21, (2)b

    Bolster your incident handling processes

    Act promptly whenever an incident occurs, without extending your attack surface. Set up a confidential data room immediately to speed up detection and recovery. With Tresorit, you can easily exchange sensitive information with competent personnel, authorities, and CIRTs.

  • NIS2 article 21, (2)g

    Effortlessly empower cyber hygiene practices

    Instill secure work routines into your company’s culture with no hassles. A user-friendly tool with automatic encryption from sender to receiver and versatile security controls is the best way to go.

  • NIS2 article 21, (2)c

    Business continuity with a platform built for resilience

    Deliver friction-free services even in the face of an attack. With backup files securely stored in our cloud, you can bounce back in no time. Your collaborative processes can smoothly flow with 24/7 access to your files from anywhere - no matter the severity of the incident.

  • NIS2 article 21, (2)e

    Ensure security in system acquisition, development & maintenance

    Replace your disjointed ecosystem of apps with a single secure platform. Centralize your company’s sensitive content flow into a protected workspace, built in line with the Secure Software Development Lifecycle principles.

Webinar recording

Is your organization ready for NIS2?

Is the upcoming NIS2 directive a concern for you? In this webinar recording, our experts discuss the key requirements and provide practical implementation tips.

Learn about:

  • Affected sectors and core NIS2 requirements
  • How to strengthen your cybersecurity
  • Preparing for audits and reporting

Customer success stories

Compared to other services like Dropbox, Tresorit’s solution is much safer, compared to manual encryption, it’s less hassle, and compared to other online services, it offers a much better overall package.

Dr. Tobias Zimmermann, Research fellow, The Cardiovascular Research Institute Basel

We need to have this extra layer of security when it comes to certain topics and handling personal data, we do it with Tresorit.

Raza Perez, Strategic Operations Lead at Trade Republic

Since the introduction of Tresorit, our confidential documents are only exchanged through Tresorit – and things have become secure, controlled and run smoother for all parties involved.

Felix Nolte, Solution Manager Workspace at Viessmann IT Service GmbH

Resources

CIO ebook

Learn how to guarantee information security with end-to end encryption

Ready to embark on your secure work journey in the encrypted cloud?

Try for free
14 days without limitation