In a significant move to support Finnish organizations’ cybersecurity, Finnish Information Security Cluster (FISC) – Kyberala ry has published a comprehensive guide on the application of the EU’s NIS 2 (Directive (EU) 2022/2555). This directive, set to become law on April 8, 2025, aims to enhance cybersecurity across organizations and society at large.
Strengthening Cybersecurity
The NIS2 directive is a crucial part of the European Union’s efforts to improve cybersecurity among its member states. It focuses on ensuring the continuity and profitability of businesses while imposing obligations for managing digital risks. By adhering to or exceeding the directive’s requirements, companies can gain a competitive edge and contribute to societal cyber resilience.
National implementation in Finland
In March 2025, the Finnish Parliament approved the cybersecurity law that incorporates the NIS2 directive into national legislation. The government has proposed that the President of the Republic ratify the law on April 4, 2025, with it coming into effect on April 8, 2025.
Practical guidance for organizations
The newly released guide by FISC is designed to help organizations ensure their cybersecurity practices comply with the new legislation and enhance risk management in practice. The guide offers clear interpretations and best practices for meeting the directive’s requirements.
For more detailed implementation guidance for Microsoft Azure, I recommend reading this blog post by Microsoft: Azure tools to navigate NIS2 compliance
Collaborative effort
The creation of this guide was a sector-wide project initiated in the fall of 2023. It involved experts from 18 different companies, allowing for a broad range of expertise and perspectives to be incorporated.
FISC representing Finnish cybersecurity companies, is committed to supporting organizations in improving their cybersecurity.
Availability
The guide is available for free and aims to support companies in adapting to the evolving legal requirements and enhancing their cybersecurity measures. You can view the guide here (sorry, in Finnish only): NIS2 Implementation guide.
Insights and implications
The NIS2 directive represents a significant step forward in the EU’s approach to cybersecurity. By expanding the scope and strengthening measures, it aims to protect critical infrastructures, essential services, and key sectors from cyber threats.
This directive not only addresses the security of supply chains but also streamlines reporting obligations and introduces more stringent supervisory measures and harmonized sanctions across the EU.
For businesses, this means a greater emphasis on proactive cybersecurity measures and a need to stay ahead of potential threats. The guide by FISC is an great resource in navigating these new requirements and ensuring compliance. It reflects a collaborative effort to enhance cybersecurity resilience and helps to enable a safer digital environment for all.
You can learn more about FISC here: FISC – About us
Share this post:
Leave a Comment