---
title: "Nis2: prepping your cybersecurity plan"
page_name: "NIS2: Prepping your cybersecurity plan"
type: "blog"
slug: "nis2-prepping-your-cybersecurity-plan"
published_at: "2023-12-19"
modified_at: "2025-06-17"
url: "https://www.sumologic.com/blog/nis2-prepping-your-cybersecurity-plan"
canonical: "https://www.sumologic.com/blog/nis2-prepping-your-cybersecurity-plan"
markdown_url: "https://www.sumologic.com/blog/nis2-prepping-your-cybersecurity-plan.md"
lang: "en"
excerpt: "NIS2 is a new European Union cybersecurity Directive that goes into effect in 2024. Learn the importance of this new regulation and get ideas for how to prepare your cybersecurity plan."
taxonomy_blog_category:
  - "Compliance"
  - "SecOps &amp; Security"
---

[ All blogs ](https://www.sumologic.com/blog "blog")[Compliance](https://www.sumologic.com/blog/compliance), [SecOps &amp; Security](https://www.sumologic.com/blog/secops-security)

# NIS2: Prepping your cybersecurity plan

[George Gerchow](#blog-author-block-133)

December 19, 2023

2 min read 

[Compliance](https://www.sumologic.com/blog/compliance), [SecOps &amp; Security](https://www.sumologic.com/blog/secops-security)

##### Table of contents

 

 

 

If you are an organisation that operates or does business in the European Union (EU), then your team is likely
 preparing for the [NIS2
 Directive](https://digital-strategy.ec.europa.eu/en/policies/nis2-directive), an EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of
 cybersecurity in the EU and goes into effect on October 17, 2024.

However, according to a [survey](https://www.sailpoint.com/blog/foot-to-the-floor-ahead-of-2024-what-nis2-means-for-your-business/)
 by cybersecurity firm Sailpoint (and a Sumo Logic customer), only 34% of organisations in the UK, France, and
 Germany
 are prepared for NIS2. With just under a year to go, businesses need to put the pedal to the metal when it comes to
 NIS2 compliance and get ahead on their cyber preparation.

## What is NIS2

NIS2 is the EU’s latest effort to strengthen the security of networks and information systems (it’s very similar to
 the recent [SEC
 regulations](https://www.sumologic.com/blog/sec-cybersecurity-disclosure-rules/)). It builds on the foundation of NIS1, expanding its scope to cover a broader range of sectors,
 including digital service providers and online platforms. The directive aims to enhance the overall cybersecurity
 posture across critical sectors, such as energy, transportation, health, and more.

NIS2 is crucial for bolstering the cybersecurity resilience of critical sectors by expanding regulatory oversight to
 include a broader array of entities, such as digital service providers and online platforms. By promoting a
 standardised and comprehensive approach to cybersecurity, NIS2 plays a pivotal role in fostering a safer digital
 environment, ultimately safeguarding both businesses and the public against the increasing sophistication of cyber
 attacks.

## Getting started

If your organisation is just getting started, time is of the essence. We recommend
 preparing for NIS2 immediately with tabletop exercises to be proactive about implementing the regulation’s
 rules. As part of this exercise, here are some key questions you should consider:

- What can you do ahead of time to protect yourself and prepare for NIS2 requirements?
- Do you have the right tooling to detect an incident early?
- Are you ready for incident reporting and communications internally and externally?
- What is your preparation plan?
- Will you purple team/other exercises to test and improve your systems and processes?

## Evaluate your security tooling and log strategy

When it comes to cybersecurity, it all comes down to the logs. [Read our guide](https://www.sumologic.com/guides/log-analytics/) to log analytics to learn more and how to choose the right log analytics solution for your needs. Being
compliant doesn’t mean you’re secure, so consider the security tooling you have in place. Do you have the right
tools that will help you quickly demonstrate security best practices and compliance readiness at cloud-native
scale?

[Learn
more](https://www.sumologic.com/solutions/audit-compliance/) about Sumo Logic’s audit compliance capabilities and advanced analytics so you can
confidently plan for NIS2 and any other number of compliance regulations.

As cyber threats evolve, the public is increasingly concerned about the security of digital services and sensitive
information. Adhering to NIS2 standards reassures your customers, clients, and stakeholders that you prioritise the
security and integrity of their data. Maintaining a strong cybersecurity posture helps protect your organisation’s
reputation, fostering trust and confidence among your user base.

### Article Tags

- [Compliance](https://www.sumologic.com/blog/compliance)
- [SecOps &amp; Security](https://www.sumologic.com/blog/secops-security)

George Gerchow

CSO and SVP of IT

As Sumo Logic’s CSO and SVP of IT, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. George has been on the bleeding edge of public cloud security, privacy and modernizing IT systems since being a co-founder of the VMware Center for Policy &amp; Compliance. He is a Faculty Member for [IANS](https://www.iansresearch.com/our-faculty/faculty/detail/%5Bf669d9a7-009d-4d83-ddaa-000000000002%5D2CFAB8BA-3C3D-440F-AC51-75AE8FD0D8A6) – [Institute of Applied Network Security ](https://www.iansresearch.com/our-faculty/faculty/detail/%5Bf669d9a7-009d-4d83-ddaa-000000000002%5D2CFAB8BA-3C3D-440F-AC51-75AE8FD0D8A6) and sits on several industry advisory boards. Mr. Gerchow is also a known philanthropist and CEO of a nonprofit corporation, [XFoundation](https://www.xfoundationx.org/).

[](https://www.sumologic.com/feed "RSS Feed")[](https://twitter.com/intent/tweet?text=NIS2%3A%20Prepping%20your%20cybersecurity%20plan&url=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fnis2-prepping-your-cybersecurity-plan "X")[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fnis2-prepping-your-cybersecurity-plan "Facebook")[](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fnis2-prepping-your-cybersecurity-plan "Linkedin")

[Previous blog

How to monitor MySQL performance metrics in minutes](https://www.sumologic.com/blog/mysql-performance-monitoring)[Next blog

Protecting identities with the Sumo Logic platform](https://www.sumologic.com/blog/protecting-identities-sumo-platform)

People who read this also enjoyed

[  

Sumo Logic AWS Region European Sovereign Cloud is now generally available

June 2, 2026

 

 ](https://www.sumologic.com/blog/sumo-logic-aws-region-european-sovereign-cloud-generally-available)[  

Rethinking data governance and global compliance

February 18, 2026

 

 ](https://www.sumologic.com/blog/rethinking-data-governance-global-compliance)[  

Cyber attackers hit the jackpot: learn why casinos aren’t the only ones vulnerable

September 19, 2023

 

 ](https://www.sumologic.com/blog/cyber-attackers-jackpot-vulnerabilities)[  

The SEC’s new cybersecurity disclosure rules – are you ready?

July 31, 2023

 ](https://www.sumologic.com/blog/sec-cybersecurity-disclosure-rules)

[AI Instructions](https://www.sumologic.com/ai-instructions.md)