Commission calls on 19 Member states to fully transpose the NIS2 Directive

The European Commission decided to send a reasoned opinion to 19 Member States (Bulgaria, Czechia, Denmark, Germany, Estonia, Ireland, Spain, France, Cyprus, Latvia, Luxembourg, Hungary, the Netherlands, Austria, Poland, Portugal, Slovenia, Finland and Sweden) for failing to notify full transposition of the NIS2 Directive (Directive (EU) 2022/2555).

A digital padlock with a circuit board design against a blue background with binary code. It is related to computer security, data security, and cyber security. — GettyImages © Peach

Member States had to transpose the NIS2 Directive into national law by 17 October 2024. The NIS2 Directive aims to ensure a high level of cybersecurity across the EU. It covers entities operating in critical sectors such as public electronic communications services, ICT service management, digital services, wastewater and waste management, space, health, energy, transport, manufacturing of critical products, postal and courier services, and public administration. Full implementation of the legislation is key to further improving the resilience and incident response capacities of public and private entities operating in these critical sectors and the EU as a whole. Therefore, the Commission has decided to issue a reasoned opinion to 19 Member States, which now have two months to respond and take the necessary measures. Otherwise, the Commission may decide to refer the cases to the Court of Justice of the European Union.

You can read the Directive (EU) 2022/2555.

Commission calls on 19 Member states to fully transpose the NIS2 Directive

Last update