Medici

Analytica

Back to cybersecurity

NIS2 & compliance

The NIS2 directive expands the set of companies that must demonstrably manage cybersecurity. We don't turn this into a scare story or a pile of paperwork in a drawer — we guide you through what actually applies to you and prepare documentation that also makes operational sense.

Cyber ForzaCyber ForzaAutonomous Security Systems
Cyber Forza — security and compliance

Who it affects

We help determine whether and to what extent NIS2 applies to your company — without unnecessary panic or underestimation.

What's needed

Technical measures and organizational rules. We focus on what actually reduces risk, not on checking a box.

How to sustain it

Compliance isn't a one-off action. We set up a process that stays valid even after an audit or staff changes.

How we work

From gap analysis to a remediation plan

An illustrative scope of work. We tailor the concrete steps to your size and industry.

Step 1

Gap analysis

We compare your current state against NIS2 requirements and find out where you really stand.

  • Scope of obligations for your company
  • Overview of missing measures
  • Priority by risk and impact
Step 2

Policies and documentation

We prepare the security policies and documentation a regulator will expect from you.

  • Security policies
  • Incident management plan
  • Asset and access records
Step 3

Remediation plan

You get a concrete roadmap — what to do, in what order, and with what impact.

  • Phased plan of measures
  • Technical and organizational recommendations
  • Materials for management

Not sure if NIS2 applies to you?

Get in touch and, in a short consultation, we'll determine the scope of your obligations and the first practical steps.