What is NIS 2?

The NIS 2 law is Denmark’s implementation of the EU’s NIS 2 Directive, which strengthens cybersecurity requirements for entities and organizations across the EU.

Obligations for all entities covered by NIS 2

The Act entered into force on 1 July 2025 and introduces obligations for covered entities and authorities, including:

  • Registration of the entity via the registration solution on Virk.dk (in Danish) (for foreign entities, NIS 2 registration can be done via this link)
  • Specific requirements for the entities’ management
  • Incident reporting on Virk.dk's website (in Danish)
  • Implementation of cybersecurity measures

The Ministry of Resilience and Preparedness coordinates the implementation of NIS 2 in Denmark, while sector-specific authorities, including the Danish Agency for Digital Government, ensure compliance within their respective sectors.

What are the requirements?

NIS 2 – Regulatory Framework

On the page below, you can get an overview of the different sets of rules that are relevant to know in relation to NIS 2. Each section also includes a link to where you can find the relevant regulations.

NIS 2 – Regulatory Framework