NIS2 Directive
Discover, protect and securely erase sensitive data – meeting NIS2's cyber hygiene and cryptography requirements across the EU's critical sectors.
Meet NIS2’s Data Protection Requirements with Jetico’s Solutions
Since 17 October 2024, organizations operating in the EU’s essential and important sectors must comply with the Network and Information Security (NIS2) directive. NIS2 expands cybersecurity obligations across critical infrastructure and digital services, with specific requirements for cyber hygiene and the use of cryptography.
Before sensitive data can be protected or erased, it must first be located. A practical NIS2 strategy starts with data discovery, then applies encryption to data that must be retained and secure wiping when data is no longer needed.
NIS2 Data Wiping
- Wiping practices are covered in the NIS2 directive under Article 21, paragraph 2, point (g), which refers to basic cyber hygiene practices:
“The measures referred to in paragraph 1 shall include at least the following: […] (g) basic cyber hygiene practices and cybersecurity training.” - Wiping is a core part of basic cyber hygiene practices, which involves permanently removing deleted files, junk and sensitive data to prevent unauthorized recovery and minimize security risks.
- To help your organization with NIS2, we offer BCWipe to wipe selected files and folders and BCWipe Total WipeOut to erase entire hard drives.
NIS2 Encryption
- Encryption is specifically addressed in the NIS2 directive under Article 21, paragraph 2, point (c), which states:
“The measures referred to in paragraph 1 shall include at least the following: […] (c) the use of cryptography and, where appropriate, encryption.“ - This clause emphasizes the importance of encryption as a critical security measure to protect sensitive data.
- To help your organization with NIS2 compliance, we offer BestCrypt Container Encryption to safeguard files and folders and BestCrypt Volume Encryption to protect entire hard drives.
Data Discovery & Classification –
Your First Step Toward NIS2 Compliance
Compliant with Leading Data Erasure & Security Standards
With Jetico, You Can
Jetico helps you discover where sensitive data resides, protect it while it’s needed and securely erase it when it’s no longer required – supporting every stage of the data lifecycle NIS2 expects you to control.
Need Help with the NIS2 Directive?
Our data protection specialists are here for you.
About NIS2 Directive
NIS2 builds upon the original NIS directive (2016/1148) and aims to establish a more robust framework for protecting critical infrastructure and digital services from emerging cyber threats.
NIS2 applies to a broad range of industries considered essential to the functioning of society and the economy:
- Energy: Electricity, gas and oil production, transmission and distribution
- Transport: Air, rail, water and road transport services
- Banking & Financial Market Infrastructures: Key financial institutions and market systems
- Healthcare: Hospitals, clinics and digital health services
- Digital Infrastructure: Cloud service providers, data centers and internet exchange points
- Public Administration: Central and regional government bodies
NIS2 implementation is supported by guidance from ENISA, the EU Agency for Cybersecurity, which publishes technical recommendations on cybersecurity controls including cryptographic measures, secure data handling and incident response.
Be sure to check out our other blogs covering compliance strategies and best practices, and learn how to meet the data wiping and encryption guidelines of the NIS2 directive.
News & Blogs
Stay updated with the latest news, insights, trends and expert tips on data protection and cybersecurity.
Check back here regularly for news and blogs