Abion / Blog / Understanding NIS2 – the EU’s New Cybersecurity Directive

8, November 2024

Understanding NIS2 – the EU’s New Cybersecurity Directive

Domain Management
English
Uncategorized
Domain NIS2

The NIS2 directive enhances cybersecurity across the EU by expanding the scope of industries covered, including domain registrars and web security providers, and imposing stricter security measures to protect against cyber threats, improve transparency, and ensure faster incident response. This article outlines how NIS2 impacts your business and the benefits it brings to brand protection and digital security.

With the continued expansion of the online world, cybersecurity has become essential for both individuals and businesses to prevent digital threats that could compromise sensitive information, financial security, and brand reputation. As such, European Union policymakers are introducing more legislation to heighten cybersecurity standards and curb online fraud, and the latest Network and Information Security Directive 2 (NIS2) is a significant step in that direction. With the inclusion of key players like domain registrars and web security providers into this directive, it is a sign that the digital sphere is being more closely studied with the aim of bringing enhanced security and accountability to digital services across Europe.

While we are yet to see the effects of NIS2 in practice, it is hoped it will bring real benefits for brand owners and consumers alike with better protection against cyberattacks, enhanced transparency in online transactions, and stronger security for digital identities.

What is NIS2?

The EU’s NIS2 directive builds upon the 2016 Network and Information Security (NIS) Directive by expanding the scope of industries and tightening security requirements across Europe.

E-commerce monitoring

This directive mandates new cybersecurity practices for essential and digital service providers, covering sectors like telecommunications, finance, healthcare, and, for the first time, domain registrars and web security companies.

This expansion means the companies managing online data and ensuring users’ digital safety must now meet higher security standards. These changes aim to bring benefits to everyone using digital services—from businesses protecting their brand and reducing fraudulent activity to individual consumers concerned about privacy, security and transparency about who operates the websites they visit.

How NIS2 Protects Brands and Consumers

Whether you’re a brand-conscious consumer, a business owner, or someone who relies on secure online services, NIS2 offers several key protections designed to enhance your experience and security in the digital world:

  • Improved Security and Reduced Risk of Cyberattacks
    Under NIS2, domain registrars and web security providers must implement stricter security protocols with the aim of reducing the number malicious domain registrations or cyberattacks that exploit weak security systems. This in turn makes it harder for fraudsters to use domains and websites to impersonate legitimate brands, safeguarding online interactions.

  • Enhanced Transparency and Accountability
    One of the main concerns when interacting with websites is the uncertainty around who owns and manages these sites. Domain registrars are already required to maintain up-to-date and accurate information on domain owners. However, NIS2 introduces some key differences that enhance and reinforce these existing obligations, making it easier to verify the legitimacy of a website. These additions aim to help further protect not only consumers against online fraud and phishing scams but also enable brand owners or IT security teams to track down and report bad actors effectively and more quickly.

  • Faster Response to Security Incidents
    NIS2 enforces strict reporting requirements, meaning that digital service providers must notify authorities about cyber incidents within 24 hours. This immediate response reduces the risk of prolonged exposure to security threats. This also ensures faster communication and potentially quicker resolutions for customers affected by an incident and minimises the impact on personal data or business operations.

  • Better Data Protection for Digital Identity
    Identity theft, domain impersonation, and data breaches can have devastating consequences for consumers and businesses alike. By enforcing more robust cybersecurity measures, NIS2 requires companies to protect user data more effectively, including stricter safeguards around how information is stored and processed. For brand owners, the hope is that this means less risk of unauthorised domain registrations that could damage reputation or compromise intellectual property, while for consumers it aims to reduce fraud and online threats that compromise personal information and digital transactions.

  • Penalties for Non-Compliance
    The NIS2 directive includes strict penalties for non-compliance, motivating businesses to swiftly meet its requirements. This accelerates the adoption of enhanced cybersecurity measures, helping to realise the directive's benefits sooner - like stronger protection against cyberattacks, greater transparency, and faster incident response. The result is a more secure and resilient digital environment for all users.

Benefits of NIS2 for Brand Owners and Small Businesses

For brand owners, online brand abuse from counterfeit products and fake domains can harm reputation and ultimately the bottom line. NIS2 addresses these issues directly, with the objective of making it harder for malicious actors to hijack brands and make it easier for companies to take corrective action if they do in the following ways:

  • Reduced Counterfeiting and Brand Impersonation
    With stronger controls on domain registration and requirements for accurate WHOIS data (a database of domain data), NIS2 provides more transparency, making it harder for counterfeiters to establish fake websites under your brand’s name. This protects not only a company’s reputation but also their customers from falling victim to harmful counterfeits or scams that target brands.

  • Stronger Legal Recourse and Collaboration with Authorities
    NIS2 encourages closer cooperation between digital service providers, regulatory bodies, and brand owners. This cooperation means quicker action on fraudulent websites and domain take-downs, helping to defend brands and intellectual property more effectively.

  • Improved Security for Digital Transactions
    For businesses that rely on secure online transactions, NIS2 requires digital service providers to adopt advanced cybersecurity measures. This provides a safer environment for conducting transactions, protecting both businesses and their customers from breaches that could lead to data theft or financial loss.

  • Secure Supply Chains for E-Commerce
    NIS2 requires web security companies to vet the security of their third-party providers. This hopes to reduce risks from vulnerabilities in supply chains, ensuring that even the smaller parts of e-commerce transactions, like payment gateways, are secure. As an online shopper, this gives added peace of mind that every part of the purchasing process is protected.

What Does NIS2 Mean for the Future of the Digital Experience?

The implementation of NIS2, and the enhanced obligations it brings for domain registrars and web security providers, represents a shift toward a safer, more transparent, and accountable digital environment. For consumers, this directive promises fewer fraudulent websites, better protection of personal data, and faster responses to potential security issues. For brand owners and businesses, the directive aims to enhance the integrity of online brands and offers more tools to fight cybercrime, safeguard intellectual property, and secure customer trust.

With the domain and web security industry increasingly being scrutinised by EU policymakers, it’s clear that further legislative efforts are likely, which will drive providers in these industries to adopt more advanced, compliant practices. While we have yet to observe the full impact of NIS2, the anticipated improvements mark a positive move for users and brands acting in good faith. Ultimately, NIS2 isn’t just a regulatory change—it’s a significant step toward creating a safer, more resilient digital environment that better serves and protects its users.

Key takeaways

  • Enhanced Security and Protection Against Cyberattacks: While we have yet to observe the full impact of NIS2, the directive aims to strengthen security protocols for domain registrars and web security providers, reducing the risk of fraud, domain hijacking, and cyberattacks. This makes online interactions safer for both consumers and brand owners by limiting malicious activity.
  • Greater Transparency for Consumers and Brand Owners: NIS2 enforces stricter domain registration rules and requires accurate WHOIS data, improving the ability to verify legitimate websites. This transparency helps protect consumers from scams and phishing attacks while making it easier for brands to track and address fraudulent activity.
  • Faster Incident Response and Communication: The directive mandates that digital service providers report cyber incidents within 24 hours, ensuring quick response times and minimising the duration of exposure to threats. This enhances consumer protection by facilitating faster resolution of security issues.
  • Better Protection for Digital Identities: NIS2 requires stronger data protection measures for user information, aiming to reduce identity theft, domain impersonation, and data breaches. This is crucial for both businesses and consumers, ensuring safer online transactions and a more secure digital identity.
  • Improved Business and Brand Security: By enforcing stricter controls on domain registration and encouraging collaboration between service providers and regulatory bodies, NIS2 offers businesses better tools to fight cybercrime, protect intellectual property, and safeguard their brand reputation.
Images

cottonbro studio via Freepik

Jeanett.Tesfaledet

AUTHOR

Jeanett Tesfaledet

Registrar Compliance Manager

Contact me

Share blog

Need Help Registering a Domain?

Get in touch with us today for expert assistance!

Related read

Domain Names

ICANN Ends Private Auctions for gTLDs

Domain Management
English
16, October 2024
ICANN has announced that private auctions will no longer be allowed — which were previously used to resolve situat...
Läs mer
.nu ruling

The .nu Domain Debate: Insights from the Recent Court Decision

Domain Management
English
15, March 2024
Discover how a misunderstanding over a domain name led the remote South Pacific Island of Niue into an internation...
Läs mer

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Abion AB, corporate identity number 556633-6169 use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you expect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data