About the course
NIS (The Directive on security of network and information systems) previously affected only a very small proportion of companies and organizations. But the new NIS2 covers critical societal and business operations within sectors such as energy, transport, finance, healthcare, the public sector, digital infrastructure, industry, and food – as well as their key suppliers. This means that a large number of organizations now need to ensure compliance with the new requirements.
To implement NIS2 in Sweden, a new Cybersecurity Act has been introduced, which entered into force on January 15, 2026. It emphasizes organizations’ responsibilities for registration, reporting and implementing the security measures required by the law. There is also a new requirement for organizational management to be trained in NIS2:
“Chapter 2, Section 4: Individuals who are part of the management of these organizations must undergo training on security measures.” – Cybersecurity Act (2025:1506)
This course provides you with the knowledge needed to understand NIS2 and how it is implemented in Swedish law, the specific requirements that apply to your organization, and how to proceed in order to ensure proper compliance with the legislation.
Content
- What is NIS2?
- Swedish legislation (the Cybersecurity Act and the Cybersecurity Ordinance)
- Who is covered by NIS2?
- Responsibilities
- Incident reporting
- Sanctions
- Implementation – what do you need to do to comply with the law?
Target audience
Time
3 h
Course type
Customizable for closed groups. Can be held on-site or digitally.
