NIS2 and CER implementation in Danish Energy Sector – Why do Denmark over implement the directive

• 25Congreso Internacional de Ciberseguridad Industrial 2025Valencia24 + 25 SEPTIEMBRE 2025

The NIS2 Directive is now enforced in many European countries. In Denmark, the regulation for the energy sector includes additional requirements as part of its NIS2 implementation and has merged the NIS2 and CER directives into a single regulation.

In this session, I will explain why this approach has been adopted, why it is important for the cybersecurity of the Danish energy sector, and why it may also be of interest to other countries or implementations.

Additionally, I will elaborate on one of the more challenging aspects of the NIS2 Directive, the concept of “basic cyber hygiene”, and provide insights into what it entails, how it is addressed in Danish legislation, and how it aligns with international best practices in industrial cybersecurity.