NIS2 requires enterprises to implement structured cybersecurity risk management and governance; identifying the scope of application is the first step.
Only 5% of CISOs prioritize the “Harvest Now, Decrypt Later” threat despite second-highest concern about quantum computing, while standards for quantum-resistant encryption are available from 2024.
NIS2 and KRITIS impose varying levels of cybersecurity obligations on healthcare facilities depending on whether they are classified as critical infrastructure and their size.