[co-author: Glenn Prendergast]
The NIS2 Directive has significantly reshaped the cybersecurity landscape across the EU. Since the implementation deadline in October 2024, EU Member States have been working to incorporate new standards into their national laws, fostering a dynamic and rapidly evolving regulatory environment. Recently, Ireland’s National Cyber Security Centre (NCSC) published the draft NIS2 Risk Management Measures (RMM) Guidance, which outlines the minimum requirements for essential and important entities. Ireland has also joined the Cyber Fundamentals Framework (CyFun), originally developed in Belgium, as a scheme co-owner. The CyFun framework offers a structured, risk-based methodology for essential and important entities, assisting them in organising and demonstrating their NIS2 security measures.
While Ireland has not yet implemented the NIS2 Directive, the legislative process is now at an advanced stage, with the NCSC expecting the National Cyber Security Bill to be transposed into law by the end of the year.
[View source.]
