The Danish NIS 2 Law is the primary piece of legislation that businesses should consult. In addition to the law, there are three other key regulatory instruments related to NIS 2: the NIS 2 Implementing Regulation, the NIS 2 Directive, and Bekendtgørelsen om udpegning af kompetente myndigheder (The Regulation on the Designation of Competent Authorities).
The Danish NIS 2 law forms the core of the national implementation of the NIS 2 Directive. It sets out specific requirements for entities covered by the legislation such as measures to strengthen cybersecurity, obligations for management, and mandatory reporting of significant incidents to the authorities.
The NIS 2 law (retsinformation.dk)
The Implementing Regulation supplements the NIS 2 law for most entities within the digital sectors. It clarifies when an incident should be considered significant and outlines the technical and methodological requirements for managing cybersecurity risks.
NIS 2 Implementing Regulation on Critical Entities and Networks (European Commission)
For further support, ENISA has published guidelines to help entities comply with the regulation: ENISA guidelines
The NIS 2 Directive refers to the Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union. The Danish NIS 2 law implements the obligations from this directive.
The directive aims to enhance and harmonize cybersecurity and resilience across the EU for businesses in a wide range of sectors, as well as for public authorities deemed critical to the economy and society.
NIS 2 Directive on EUR-lex.europa.eu
This regulation covers two main aspects: 1) Designating which Danish authorities are responsible for supervising compliance with NIS 2 requirements. 2) Defining how companies must register and report incidents in the event of security incidents — serving as a supplement to the framework outlined in the NIS 2 law.
Regulation on Designation (retsinformation.dk)
For inquiries regarding NIS 2 registration for entities in the digital sector, please contact the Agency for Digital Government at: NIS@digst.dk
