Are You NIS-2-ready?

Find out where you stand and what needs to be done in just a few minutes

What is NIS-2?

The NIS-2 Directive (Network and Information Security Directive 2) is an EU-wide cybersecurity regulation that has been in force since October 2024. It requires organisations in critical sectors to maintain a minimum level of cybersecurity.

Important: Failure to comply may result in fines of up to €10 million or 2% of global annual turnover, as well as personal liability on the part of the management.

How does this check work?

Am I affected?

Check how likely you are to be affected by NIS-2

Status check

Our checklist will help you see where you currently stand and what's still missing

Next steps

We provide you with recommendations on how to address the measures you have yet to implement

1 Am I affected by NIS-2?

Please tick the relevant boxes.

Quick check

You provide your services within the EU or carry out your business activities there Company size: >50 employees OR >€10 million annual turnover My company operates in a sector covered by NIS-2:
Energy, Healthcare, Transport & Logistics, Digital Infrastructure, ICT Service Management (B2B), Drinking Water, Wastewater, Food, Post & Courier, Public Administration, Financial Markets, Banking, Space, Waste Management, Chemicals, Research, Digital Services, Manufacturing Special cases: My business falls into one of the following categories (regardless of size):
Qualified trust service providers, top-level domain name registries, DNS service providers, providers of public electronic communications networks or of publicly available electronic communications services, entities identified as critical entities under Directive (EU) 2022/2557, as well as entities identified by a Member State as essential entities pursuant to Art. 3 NIS2 Directive (2022/2555).

HINWEIS: This quick check assesses the three most important criteria for NIS-2, but should not be regarded as a legally binding impact assessment.

2 Self assessment: NIS-2 core requirements

Here you can now tick which requirements you already meet, or which processes you already maintain. If you are unsure or simply wish to see all recommendations in general, simply leave the relevant checkboxes unticked.

	Requirement & Description	What are the consequences of non-compliance?

NOTE
The consequences listed are for guidance only and do not claim to be exhaustive or legally binding. The actual extent of possible sanctions always depends on the individual case and is governed by the applicable legal regulations.

3 Your next steps

Summary: You have 0 out of 16 requirements that have not yet been met.

Based on the information you have provided, we have created an overview for you on how to implement your remaining requirements, including our recommendations for action.

Our recommendations

Requirement	What you can do now

NOTE
This information is based on our personal recommendations and should be understood as general advice and guidance, which may vary depending on the company, systems and structures!

Achieving compliance with MDR

24/7 monitoring, incident response, reporting. A team that takes on what you cannot manage yourself.

Managed Detection & Response (MDR) steps in where your resources fall short: an external team of experts monitors your IT around the clock, detects threats in real time and actively intervenes when necessary. For SMEs, this is hardly optional anymore, as NIS-2 and robust cybersecurity are difficult and unsustainable to achieve without this foundation.

With NovaMDR™, we take care of exactly that for you. Professional protection at group level, without the need for your own security department. You focus on your core business; we ensure that nothing slips through the net. NovaMDR™ fully covers even the most complex NIS-2 requirements:

NIS-2 Requirement	NovaMDR™	Details
24/7 Security Monitoring	✓ Fully covered	SOC team in Nuremberg, data centre in Frankfurt, IT/EN/GER speaking support
Incident Response	✓ Fully covered	Automatic response + analysts
Log management (6+ months)	✓ Fully covered	12 months' storage included
Vulnerability management	✓ Fully covered	Continuous vulnerability scanning
Incident reporting obligation	✓ Support	Reports & documentation for authorities
Documentation	✓ Support	Automatic compliance reports
Regular tests	✓ Fully covered	Monthly security assessments

See for yourself

Still not entirely sure whether MDR is the right solution for you and your business? Use NovaMDR™ for the first 90 days completely free of charge and risk. Cancel at any time during that time period. No hidden costs. Full protection from day one. And a big step closer to NIS-2 compliance.

And if you'd like to see a comparison, what having your own security team would cost: our ROI calculator provides you with the figures in just a few clicks.

Calculate your security costs: In-house SOC vs. NovaMDR™

Setting up and maintaining an in-house security team can be both complex and costly.
You can find out just how expensive it can be and how much you can save with MDR in just a few clicks here.

MDR ROI Calculator

Calculate used value

Security Experts HR Cost

Compensation plus corporate costs per security expert and a minimum of 8 personnel for 24/7 coverage

Excludes costs for specialized security experts that perform staff management, incident response, threat intelligence research, malware analysis and reverse engineering, and more.

per year

Price based on the employees (business size) per year in EUROs

TEAM

€ 0

Technology and Infrastructure

Security Information and Event Management (SIEM) System

Invest in a SIEM solution for real-time analysis of security alerts generated by applications and network hardware.

Endpoint Detection and Response (EDR) Tools:
Implement EDR tools for continuous monitoring and response to advanced threats.

Threat Intelligence Platforms
Utilize threat intelligence to gather insights about emerging threats and adversary tactics.

Firewalls
Deploy these technologies to protect your network and endpoints from malicious activities.

per year

TECHNOLOGY

€ 0

ENDPOINT

€ 0

THREAT

€ 0

FIREWALLS

€ 0

Operational Costs

Resource Management

Regular Assessments

Compliance and Governance

Standard Operating Procedures (SOPs)

Develop Incident Response Plans

Culture and Awareness

per year

OPERATIONAL

€ 17,100

TOTAL IN-HOUSE COSTS

Estimated cost of building your SOC team in-house.

per year

TOTAL DIY

€ 0

NovaMDR^TM Pricing

per year

NovaMDR^TM

Cost of a Breach

The Average Cost of a Data Breach (based on data from IBM’s – The Cost of a Data Breach Report 2023 report)

per year

€ 0M

NovaMDR

NovaMDR
24/7 Managed Detection and Response for Small & Medium Sized Enterprise

Response Integrations
Implement automated playbooks to disrupt & deny active threats

Managed Detection and Response with NovaMDR

Forenova Compliance Guide

Blog

May 12, 2026

Die NIS-2-Falle im Mittelstand: Warum 24 Stunden über die Existenz Ihres Unternehmens entscheiden können

April 13, 2026

The WhatsApp Spyware Crisis: Why a fake update is the cleverest hack of 2026

March 31, 2026

Next-Gen AI Agents: Why DACH SMEs are underestimating the new cyber risks

Resources

Cybersecurity Essentials

Cybersecurity Essentials
Learn How to Protect Your Online Identity and Information with Cybersecurity Essentials

Are You NIS-2-ready?

What is NIS-2?

How does this check work?

1 Am I affected by NIS-2?

Quick check

2 Self assessment: NIS-2 core requirements

3 Your next steps

Our recommendations

Achieving compliance with MDR

24/7 monitoring, incident response, reporting. A team that takes on what you cannot manage yourself.

See for yourself

Calculate your security costs: In-house SOC vs. NovaMDR™

MDR ROI Calculator

Security Experts HR Cost

Technology and Infrastructure

Operational Costs

TOTAL IN-HOUSE COSTS

NovaMDR^TM Pricing

Cost of a Breach

Contact us!

Services

Partners

Company

Resources

NovaMDR

NovaMDR 24/7 Managed Detection and Response for Small & Medium Sized Enterprise

Response Integrations Implement automated playbooks to disrupt & deny active threats

Managed Detection and Response with NovaMDR

Forenova Compliance Guide

Blog

May 12, 2026

Die NIS-2-Falle im Mittelstand: Warum 24 Stunden über die Existenz Ihres Unternehmens entscheiden können

April 13, 2026

The WhatsApp Spyware Crisis: Why a fake update is the cleverest hack of 2026

March 31, 2026

Next-Gen AI Agents: Why DACH SMEs are underestimating the new cyber risks

Resources

Cybersecurity Essentials

Cybersecurity Essentials Learn How to Protect Your Online Identity and Information with Cybersecurity Essentials

Are You NIS-2-ready?

What is NIS-2?

How does this check work?

1 Am I affected by NIS-2?

Quick check

2 Self assessment: NIS-2 core requirements

3 Your next steps

Our recommendations

Achieving compliance with MDR

24/7 monitoring, incident response, reporting. A team that takes on what you cannot manage yourself.

See for yourself

Calculate your security costs: In-house SOC vs. NovaMDR™

MDR ROI Calculator

Business Size

Industries

Security Experts HR Cost

Technology and Infrastructure

Operational Costs

TOTAL IN-HOUSE COSTS

NovaMDRTM Pricing

Cost of a Breach

Contact us!

📄 PDF exportieren

NovaMDR
24/7 Managed Detection and Response for Small & Medium Sized Enterprise

Response Integrations
Implement automated playbooks to disrupt & deny active threats

Cybersecurity Essentials
Learn How to Protect Your Online Identity and Information with Cybersecurity Essentials

NovaMDR^TM Pricing