NIS2 and the New Cybersecurity Act - Deadline Passed, Sanctions May Apply!
scale(8.33333)%22%3E%3CclipPath%20id=%22a%22%3E%3Cpath%20d=%22M0%200h56.693v56.693H0z%22/%3E%3C/clipPath%3E%3Cg%20clip-path=%22url(%23a)%22%3E%3Cpath%20d=%22M28.346.0C12.795.0-.001%2012.796-.001%2028.347s12.796%2028.347%2028.347%2028.347%2028.347-12.796%2028.347-28.347C56.676%2012.803%2043.89.017%2028.346.0m-9.259%2042.735h-6.448V22.3h6.448zM15.7%2019.748h-.046A3.583%203.583.0%200111.8%2016.206c0-2.018%201.558-3.547%203.939-3.547q.156-.014.312-.014a3.6%203.6.0%20013.581%203.555c0%201.98-1.51%203.548-3.934%203.548m29.19%2022.987h-7.312V32.162c0-2.767-1.144-4.657-3.659-4.657a3.7%203.7.0%2000-3.492%202.5%204.7%204.7.0%2000-.157%201.67v11.06h-7.244s.093-18.729.0-20.432h7.244v3.207c.428-1.4%202.743-3.4%206.437-3.4%204.582.0%208.183%202.939%208.183%209.267z%22%20style=%22fill:%238a959b;fill-rule:nonzero%22/%3E%3C/g%3E%3C/g%3E%3C/svg%3E)
%22%3E%3Cpath%20d=%22M12.12%201.176c5.846.0%2010.591%204.615%2010.591%2010.299.0%205.683-4.745%2010.298-10.591%2010.298-5.845.0-10.591-4.615-10.591-10.298.0-5.684%204.746-10.299%2010.591-10.299zM6.331%2017.264H17.91C18.308%2017.264%2018.649%2017.123%2018.932%2016.839%2019.216%2016.556%2019.358%2016.215%2019.358%2015.817V7.132C19.358%206.734%2019.216%206.394%2018.932%206.11%2018.649%205.827%2018.308%205.685%2017.91%205.685H6.331C5.932%205.685%205.592%205.827%205.308%206.11c-.283.284-.425.624-.425%201.022v8.685c0%20.398.142.739000000000001.425%201.022C5.592%2017.123%205.932%2017.264%206.331%2017.264zm0-8.684%205.789%203.618L17.91%208.58v7.237H6.331V8.58zm0-1.448H17.91l-5.79%203.619L6.331%207.132z%22%20style=%22fill:%238a959b%22/%3E%3C/g%3E%3C/svg%3E)
According to NÚKIB (the National Cyber and Information Security Agency), out of approximately 6,000 obligated entities, around 4,800 have so far notified a regulated service. The notification was to be submitted by the end of 2025.
NÚKIB is now starting to contact companies that were supposed to register but have not done so yet. These companies are already committing an administrative offence, and significant penalties may be imposed on them for failing to meet this obligation.
Not sure whether you need to notify a regulated service?
Don’t know how to implement the obligations under the new law?
Our firm has hands-on experience with NIS2 implementation and has a complete set of policies and related documentation. We will be happy to help you quickly submit the missing notification and align your internal processes with NIS2 requirements.
Contact us at info@stuchlikova.com to arrange a consultation.
