Summary of Article: Supporting SMEs with NIS2 Compliance
This article details two projects led by the SICP (a research and innovation association of the University of Paderborn) aimed at helping Small and Medium-sized Enterprises (SMEs) navigate and comply with the new EU NIS2 directive.
Key Takeaways:
* NIS2 Impacts SMEs: The NIS2 directive, affecting ~30,000 companies across 18 sectors, indirectly impacts many SMEs through supply chains and digital networking.
* challenges for SMEs: SMEs often lack the resources and expertise in IT security needed for NIS2 compliance.
* “KMU.kompetent.sicher” (SME.competent.safe): A training platform funded by the German Federal ministry for Economic Affairs and Energy (BMWE), offering modular video-based learning units, quizzes, and interactive tasks. It uses storytelling (like “true crime” examples) to explain cybersecurity threats. It aims to train both management and employees and is running for two years.
* “FitNIS2″ Navigator: A free online tool developed to help companies determine if they fall under the NIS2 directive, assess their current compliance level, and receive actionable recommendations. It has already seen significant usage (1,500 impact checks and 700 self-assessments in three months). Currently based on the BSI’s “CyberRiskCheck” and will be expanded to include industry-specific criteria. Funded until August 2026.
* Future Development: The “FitNIS2” navigator will provide sector-specific details and highlight overlaps with other relevant regulations.
* Complementary Resources: Both projects are intended as introductory resources, supplemented by a broader range of events and information.
In essence,the University of Paderborn,through the SICP,is actively working to provide accessible and practical support to SMEs in understanding and implementing the requirements of the NIS2 directive.
