{ "id": "nis2", "name": "Richtlinie ueber Massnahmen fuer ein hohes gemeinsames Cybersicherheitsniveau", "nameEn": "Network and Information Security Directive 2", "abbreviation": "NIS2", "abbreviationEn": "NIS2", "type": "directive", "jurisdiction": "EU", "effectiveDate": "2024-10-18", "officialReference": "Richtlinie (EU) 2022/2555", "articles": 46, "recitals": 144, "chapters": 9, "estimatedChunks": 46, "language": "de", "topics": [ "cybersecurity", "critical-infrastructure", "incident-reporting", "risk-management", "supply-chain-security" ], "entityCategories": [ { "type": "essential", "title": "Wesentliche Einrichtungen", "sectors": [ "Energie", "Verkehr", "Bankwesen", "Finanzmarktinfrastrukturen", "Gesundheitswesen", "Trinkwasser", "Abwasser", "Digitale Infrastruktur", "IKT-Dienste", "Oeffentliche Verwaltung", "Weltraum" ] }, { "type": "important", "title": "Wichtige Einrichtungen", "sectors": [ "Post- und Kurierdienste", "Abfallbewirtschaftung", "Chemische Industrie", "Lebensmittel", "Verarbeitendes Gewerbe", "Digitale Anbieter", "Forschung" ] } ], "keyArticles": [ { "article": 21, "title": "Risikomanagementmassnahmen", "importance": "critical" }, { "article": 23, "title": "Berichtspflichten", "importance": "critical" }, { "article": 24, "title": "Verwendung von Zertifizierungsschemata", "importance": "high" }, { "article": 25, "title": "Normung", "importance": "high" }, { "article": 32, "title": "Aufsichtsmassnahmen - Wesentliche Einrichtungen", "importance": "high" }, { "article": 33, "title": "Aufsichtsmassnahmen - Wichtige Einrichtungen", "importance": "high" }, { "article": 34, "title": "Sanktionen", "importance": "high" } ], "reportingTimelines": { "initialNotification": "24 hours", "incidentNotification": "72 hours", "finalReport": "1 month" }, "relatedRegulations": [ "cra", "eucsa", "dsgvo" ] }