EU countries must officially adopt and publicly announce their measures to follow the NIS2 directive by October 17, 2024, and then begin actually using these measures starting from the following day, October 18, 2024, to ensure timely and uniform cybersecurity measures across the European Union.
Yes, EU Member States must immediately notify the European Commission as soon as they have put their national measures in place to comply with NIS2, to allow coordination and ensure that each country aligns properly with the cybersecurity standards required by the directive.
Yes, when publishing their measures related to NIS2, Member States must explicitly refer to this directive or include a clear reference alongside the official announcement, ensuring citizens can easily understand that these changes come directly from following the EU-wide cybersecurity directive.
Each Member State individually decides the exact method they will use to clearly refer to or mention the NIS2 directive when publishing their cybersecurity regulations, allowing for flexibility to accommodate different national publication practices and procedures while ensuring clarity about the directive’s role.
