Legal
NIS2 Sanctions: What Directors Really Risk
5 min read
NIS2 establishes explicit and severe penalties. For essential entities: up to EUR 10 million or 2% of global turnover. For important entities: up to EUR 7 million or 1.4% of global turnover.
Personal Liability of Directors
Article 20 requires management bodies to approve and supervise cybersecurity measures. Directors can be sanctioned individually, including temporary bans from exercising management functions.
Enforcement Powers
National competent authorities (NCSC, BSI, ANSSI, etc.) can conduct audits, on-site inspections, issue compliance orders and publicly disclose breaches. For essential entities, supervision is proactive.
*This article is for informational purposes only and does not constitute legal advice.*
This article is provided for informational purposes only and does not constitute legal advice.