Synch is a business-oriented Swedish lawfirm focused on innovation, digital business, and technology. Our business objective is to simplify the management of legal matters.
What is NIS2?
NIS2 is an EU directive that aims to achieve a high common level of cybersecurity across the Union, there by enhancing the overall resilience of critical entities’ information and networksystems. The directive will be implemented in Swedish law through the proposed Cyber Security Act (Sw: “Cybersäkerhetslagen”).
NIS2 is a significant revision of the earlier NIS Directive, for example in terms of expanding the number of sectors covered by the directive. The sectors that are covered by NIS2, are; energy,transport, banking, financial market infrastructures, health, drinking water, wastewater, digital infrastructure, ICT services, public administration, space,postal and courier services, waste management, chemicals, food, manufacturing of certain products, digital providers, and research.
All entities within the above mentioned sectors are, inter alia, required to implement several risk management measures as well as to report incidents to the supervisory authority. Importantly,covered entities must also ensure that their suppliers comply with the requirements (security through the “supply chain”). This in turn means that companies that are in sectors not directly covered by the directive will likely notice a significant increase in security-related obligations in all commercial contracts they enter into with customers. Non-compliance with the directive imposes the risk of having to pay hefty administrative fines and thus, covered entities will be keen to ensure compliance with the directive throughout their respective supply chains.
How can Synch assist you?
Synch is a leading Swedish law firm within the tech field with several experienced cybersecurity lawyers. Our dedicated cybersecurity team can assist you, inter alia, with the following:
An initial Applicability Assessment – an assessment of your business to determine whether you are directly covered by NIS2 or, possibly, affected as part of the supply chain of such a critical entity.
Provide a Compliance Checklist – based on the information provided about your business and current security measures taken, we draft a Compliance Checklist of what needs to be done to ensure compliance with NIS2.
Assist in the implementation phase – guiding you through the practical implementation stage, when words become actions. Also drafting required policies, and other documentation needed to document compliance withthe directive.
Providing training and spreading awareness – setting up seminars and workshops for your employees, to increase the awareness and preparedness within your organization.
Please feel free to reach out should you have any questions! Send an e-mail to
jim.runsten@synch.law, marcus.appeltofft@synch.law, or hugo.hartzell@synch.law.
