At the end of 2022, the European Parliament approved two new legislations: the second version of its Network and Information Systems Directive (NIS2) and the Digital Operational Resilience Act (DORA). As of 18th October, 2024, EU Member States are required to adopt NIS2 measures, while DORA will be enforced on 17th January, 2025. Both of these laws are set to significantly alter the way organisations in the EU approach digitisation and cybersecurity. But what do these legislations entail? What risks could they create from a compliance standpoint? And how can a modern Identity solution help? In this blog, we provide answers to all the above. NIS2 and DORA: what are they? Network and Information Security Directive (NIS 2) is part of the EU's wider efforts to improve cybersecurity and protect critical infrastructure from cyber threats. It seeks to ensure that digital service providers have appropriate security measures in place to.