The EU NIS2 Directive, made clear.

The NIS2 Directive requires organisations across the European Union to meet new obligations for cybersecurity, incident reporting and supply-chain due diligence. Tens of thousands of entities are directly in scope — and hundreds of thousands more are affected through their supply chains.

6,841Entities mapped
18NIS2 sectors
4Jurisdictions
TransposingAcross the EU

What can you do?

Available

Scope check

Am I in scope for NIS2? An honest decision tree based on the EU directive that tells you in 5 minutes whether your organisation is covered, which obligations apply, and who your supervisory authority will be.

Start the check → 6,841 entities

Entity register

Search our reconstructed NIS2 register. Which companies fall under the directive? Per entity: classification, sector, supervisory authority and obligations. NL and FR data coming soon.

Search the register → Coming soon

Supplier Monitor

Upload your supplier list. We match it against our register and report which suppliers are subject to NIS2. For your own supply-chain compliance dossier.

Learn more ↓

What is happening?

The NIS2 Directive (EU 2022/2555) requires Member States to transpose new cybersecurity rules into national law. Organisations in essential and important sectors must manage cyber risks, report incidents to their national CSIRT within 24 hours, and demonstrably ensure the security of their entire supply chain.

That last requirement — supply-chain due diligence — is why NIS2 also affects SMEs that are not directly in scope. Large contracting entities will require their suppliers to demonstrate compliance, because otherwise they cannot fulfil their own supply-chain obligations.

Key figures

Transposition deadline
17 October 2024 (ongoing)
Directly in scope
~160,000 entities across the EU
Indirectly via supply chain
Hundreds of thousands of SME suppliers
Incident notification
24 hours (early warning)
Max. fine
€10M or 2% of global turnover
Supervision
National competent authorities per Member State

Why NIS2 Radar?

Governments publish legal texts, guidance and entity registers — but none of these sources answer the questions that directors and compliance officers actually have: Am I in scope? What are my suppliers doing? How much time do I have left?

NIS2 Radar is an independent tool — built by someone with a background in fintech, open banking and security — that makes raw government data accessible and combines it with practical decision support. No consultancy funnel, no busywork: direct answers.

Keep me informed

Get notified when the Supplier Monitor launches and when there are relevant changes to NIS2 regulation.

Thank you! We will notify you as soon as the Supplier Monitor goes live.
Something went wrong. Please check your email address and try again.