Assonime Circular 23/2025 Analyzes NIS 2 Directive's Impact on Corporate Governance and Cybersecurity Responsibilities
regulations_and_complianceaccountabilityACNNIS_directiveNIS_2_directivesuppliersgovernanceguidanceinfrastructuresISO_27001NISnis2NISTincident_reportingcyber_risk
The Assonime Circular 23/2025 examines the cybersecurity governance framework introduced by the NIS 2 directive, highlighting its impact on companies' internal organization and the responsibilities of directors. The directive imposes obligations regarding cyber risk management, incident reporting, and compliance with standards such as ISO 27001 and NIST. Directors are directly affected by these requirements, which strengthen their accountability in protecting critical infrastructures and essential service providers. No specific implementation date is mentioned in the excerpt.