Contact us

Compliance with NIS2 Directive

The NIS2 Directive is the EU-wide legislation on cybersecurity. The aim of this Directive is to boost the overall level of cybersecurity in the EU and to ensure that a high level of common cybersecurity measures are adopted.
European Union territory highlighted on a world map

The challenge

Read more

Evolving EU cybersecurity landscape

The EU’s Network and Information Security (NIS) Directive, first introduced in 2016, has undergone a significant update with the introduction of the NIS2 Directive, which came into force in January 2023. It modernised the existing legal framework to keep up with increased digitisation and an evolving cybersecurity threat landscape.

Increased compliance obligations for critical sectors

A wide range of sectors are now within scope, including ICT Service Management, Financial Market Infrastructures, Cloud Computing, Healthcare, and Medical Devices. These organisations must comply with stringent security and notification requirements.

Formalisation of management requirements

Entities identified by Member States as "essential" or "important" must formalise their cybersecurity governance, processes, and reporting to align with the NIS2 requirements placing new demands on leadership, operational teams, and technology infrastructures.

Glowing stream of data bits with EU stars, representing GDPR and European data protection
Silhouette of justice scales in front of European Union flag
3D illustration of a computer chip with EU flag on digital background

The service

BH Consulting provide these services to organisations required to comply with the NIS2 Directive:
  • NIS2 readiness assessment: a gap analysis with a focus on the ‘Foundational Actions’ for each of the 16 Risk Management Measures (RMM) required to meet the legislative obligations of the Directive. Our methodology involves use of a Risk Management Measures based questionnaire specially developed to follow the requirements specified in the NIS2 Directive and tracking the NCSC IRL latest recommendations. This enables us to generate a bespoke report outlining areas to address and suggested remediation steps, mapped to the requirements of the directive while considering the latest updates from the National Cyber Security Centre on NIS2.

  • NIS2 compliance program: we will help to align your current cybersecurity management with NIS2. This includes making recommendations around modifications and improvements to security controls and helping to put in place policies and procedures to meet the requirements of NIS2. NCSC’s Risk Management Measures Guidance and its Foundational Actions is the key framework we use for this work. We also consider ‘Supporting Actions’ which are further controls that may be required, depending on the specific risks faced by the organisation.
European Parliament building in Strasbourg, France with flags waving

Benefits

Provides a management framework to allow your organisation demonstrate compliance with NIS2

Provides a formal cybersecurity strategy aligned to the requirements of your organisation which pays due regard to the requirements of the directive

Implements a risk based approach to the management of cybersecurity

Supports building processes to enhance cyber resilience and vendor risk management

Testimonials

“We engaged the services of BH Consulting in September to act as our DPO. Our DPO Annemarie, understands the way in which we work and has completely adapted her approach to suit our needs. I couldn’t recommend Annemarie and the team at BH consulting highly enough.”

Jack & Jill Children’s Foundation logo
Deirdre Walsh – Compliance Manager & Retail
Jack & Jill Children’s Foundation

“The expertise BH Consulting provided to ensure we have a robust GDPR compliance framework in place was great. We would have no hesitation recommending BH Consulting to others in a similar position.”

Meg healthcare logo
Guvanch Meredov – Head of Product
MEG

“Make-A-Wish Ireland has been working with BH Consulting for three years and have found them to be incredibly supportive. The support we have been given is practical, logical, and most importantly calming. We would highly recommend any company to work with BH Consulting.”

Make‑A‑Wish logo
Susan McQuaid O’Dwyer – CEO
Make a Wish Ireland

“BH Consulting have been our CISO since February 2019 and we have found their expertise to be extremely beneficial. We really like the fact that they are independent and not tied to any vendors or solutions.”

Derek Wilson – CIO
Origin Enterprises Plc

“BH Consulting provide a reliable and valuable service to our organisation. Their expertise and continued guidance has been a great support to us since the introduction of GDPR.”

Car Trawler logo
Eimear Vellekoop
CarTrawler

Why get in touch with BH Consulting

BH Consulting is a trusted, independent cybersecurity and data protection consultancy with over 20 years of experience. Whether you need expert guidance on compliance, risk management, or security strategy, our team delivers practical, vendor-neutral advice tailored to your needs.

  • Trusted by global brands and public sector bodies
  • ISO 27001-certified team with deep domain expertise
  • Proven track record in delivering real-world solutions
  • Flexible services: CISO/DPO as-a-Service, audits, training & more

Let’s start a conversation about securing your business.

cyber ireland 2021 logo
Respect in Security Pledge logo

Areas of interest*