NIS2 is the EU cybersecurity directive that has applied across member states since October 2024, affecting tens of thousands of organisations. It is not purely a technical challenge — it is an operational discipline that organisations must demonstrate during audits, incidents, and regulatory reviews.
Centralised log retention plays a central role. Without it, organisations cannot prove what happened in their environment, who accessed what, or how they responded to a security incident.
Below you will find a practical overview of key NIS2 topics — from determining whether you are in scope to the specific technical requirements around logs and audit trails.
NIS2 and log retention: overview
A practical introduction to NIS2 for leadership and IT: who is likely in scope, why logs are central, and what a realistic minimum looks like.
Are we in scope for NIS2?
How to determine whether your organisation qualifies as essential or important — including indirect obligations through the supply chain.
Different NIS2 obligation levels
What distinguishes the requirements for essential and important entities, and what that means for your security measures in practice.
Management responsibility under NIS2
What NIS2 demands from executives and management — personal accountability, approving measures, and their role during incidents.
Which logs you need for audit
An overview of log sources relevant for NIS2 audit — from network infrastructure to user access and configuration changes.
Audit, traceability and evidence
How centralised logs form an evidence trail for audits, incident investigations, and demonstrating compliance to regulators.