The NIS2 Directive, which aims to establish a high common level of cybersecurity across the EU, is being transposed at varying speeds and approaches by EU member states.
Thus far, 15 of the 27 EU countries have adopted national legislation to implement NIS2.
Cullen International’s assessment of 18 member states also reveals differences in how key aspects of the directive are being transposed. For example, some countries (e.g. the Czech Republic and Spain) could expand the scope of sectors covered by NIS2.
In nine of the surveyed countries, the telecoms sector remains under the supervision of the national regulatory authority (NRA).
Additionally, the research identifies national authorities responsible for oversight, cybersecurity incident response, and coordination within the digital sectors.
For more information on the benchmark and Cullen International's complete NIS2 coverage, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.
more news
30 April 26
National implementation of the EU AI Act: a snapshot of AI laws, regulatory bodies and penalties
Our latest benchmark provides an overview of the national laws (proposed or adopted) to implement the AI Act, including measures such as the designation of competent authorities, the set-up of regulatory sandboxes and the establishment of a framework on penalties.
29 April 26
Video game regulation and child protection: limited binding rules across the Americas
Our latest benchmark covers online gaming regulation in selected countries in the Americas region.
28 April 26
Postal redirection services are offered by all incumbent operators, despite not being required by regulation in most cases
Our new benchmark gives an overview of whether postal redirection services are included under the universal service obligation across different European countries. It also provides information on whether such services are offered commercially and their pricing.