Events
The second EU Network and Information Systems Directive, or NIS2 for short, is similar to the GDPR in a way that it is another EU directive aimed at raising the bar for information and cyber security. While the GDPR focused primarily on the protection of personal data, NIS2 focuses on higher critical and important sector cybersecurity standards. Like the GDPR, the NIS2 directive applies to both the public and private sectors.
This directive establishes certain requirements for information and cyber security management and implementation, which all companies and organisations that fall under the critical and important subjects list must adhere to. Lithuania has been among the first EU countries to update its cybersecurity law according to the Directive and organisations are actively implementing the specific requirements set out in the updated Cybersecurity Law of the Republic of Lithuania.
Although NRD Cyber Security is a private organisation, we were part of the working group that consulted with the cybersecurity regulator, the NCSC, in Lithuania when the directive was adapted and the renewed cybersecurity law was prepared for implementation in our country.
Around 30,000 organisations in Germany will be affected by the NIS-2 Implementation Act (Gesetz zur Umsetzung der NIS-2-Richtlinie), which took effect on 6 December 2025. We believe that there are lessons to be learnt from Lithuania, where the cybersecurity law was amended more than a year ago, on 6 November 2024. Since then we have been helping organisations comply with the improved security requirements while also taking an active part in the continuous dialogue with the regulator regarding any further changes or clarifications that may be required to the law in the near future.
Webinar start time is 2PM CET.
Delivered by
Dr. Vilius Benetis
NRD Cyber Security Director, Builder of incident response capabilities (SOCs / CSIRTs / ISACs)
Paulius Daukšas
NRD Cyber Security consultant and webinar moderator