Practical NIS-2 Requirements for Critical Infrastructure Operators in Public Services

Marco Havekost

Manager, Sopra Steria

Xhemi Malosmani

Associate Consultant, Sopra Steria

The NIS-2 Directive significantly tightens cybersecurity requirements for operators of critical infrastructure and essential public services across the EU ‒ including energy, water supply, and municipal utilities. But what does this mean in practice for organizations affected today? This on-demand webinar shows you exactly how to interpret and implement NIS-2 requirements effectively.

Find out more

Watch now

In just 45 minutes, our experts walk you through the key regulatory obligations ‒ from risk management and incident response to supply chain security and reporting ‒ with practical, implementable guidance designed for real-world application.

What You’ll Learn

After watching this webinar, you will understand:

Which organizations fall under NIS-2 and what obligations they must meet
Technical and organizational measures required by the directive
How to adapt incident response and business continuity processes to comply
Effective strategies for managing supply chain risks and reporting
Available support options to help implementation succeed

Get instant access to the On-Demand webinar and start aligning your NIS-2 strategy with best practices today.

Watch now

Speakers

Marco Havekost

Manager, Sopra Steria

Marco Havekost works as a manager and joined the Sopra Steria team in 2018. His consulting expertise lies in IT governance, IT compliance, risk management, and the implementation of regulatory requirements in line with the DORA Regulation. He supports organizations in particular with gap analyses, the derivation of measures, and the development of strategic IT target visions. Other areas of focus include requirements management and project management.

Xhemi Malosmani

Associate Consultant, Sopra Steria

Xhemi Malosmani is Associate Consultant at Sopra Steria and joined the team in 2024. Her consulting focus is on the Digital Operational Resilience Act (DORA) and NIS-2. She supports organizations in particular with topics such as risk management, incident management, and incident recovery. She also specializes in SfO analysis, BCM, and testing digital operational resilience.

Further Resources

Webinar

Action Over Planning – IAM Project Management Tips and Insights (DE)

Identity and Access Management (IAM) isn’t just an IT initiative – it’s a strategic enabler of security, operational efficiency, and compliance in modern digital businesses. Yet too many IAM projects stall before they begin: over-planning, uncertain priorities, regulatory complexity, and limited resources can slow progress and undermine results.

Watch webinar

Whitepaper

Turning Obligation into Advantage: NIS-2 and the Strategic Value of Identity & Access Management

The NIS-2 Directive significantly raises the bar for cybersecurity across Europe, placing Identity & Access Management at the center of compliance and security efforts. This whitepaper explains why IAM under NIS-2 is not merely a regulatory obligation, but a strategic foundation for resilience, transparency, and control. Developed in collaboration with egerer Consulting, it brings together regulatory insight and strategic consulting expertise with practical guidance on implementing NIS-2 requirements using a modern IAM solution.

Download whitepaper

Blog Article

Keeping Dependencies Up to Date: How Beta Systems Secures the Software Supply Chain

Open-source dependencies are the backbone of modern software development. They speed up innovation, reduce development effort, and make it possible to build complex systems in short timeframes. But this efficiency comes with a trade-off: every external library becomes part of your own product’s security posture. In this article, we explain how Beta Systems secures the software supply chain through effective dependency management and automation.

Read article