NIS2 Readiness Assessment
The Swedish Cybersecurity Act (Cybersäkerhetslagen) entered into force 15 January 2026. We assess whether your company is in scope, identify your compliance gaps, and deliver a written report with a prioritised action list — in one session.
NIS2 has been implemented in Sweden through Cybersäkerhetslagen (SFS 2025:1506), which entered into force on 15 January 2026. It significantly expanded the sectors and company sizes subject to mandatory cybersecurity obligations — including board-level personal liability, 24-hour incident early-warning duties, and supply-chain risk management.
Most SME owners don't know whether their company is in scope. Companies with 50+ employees or €10M+ turnover in energy, transport, food, manufacturing, healthcare, digital infrastructure, water, chemicals, and postal services are all potentially covered.
We conduct a structured assessment: a 90-minute interview followed by a written gap report. You receive a plain-language document that tells you exactly what you comply with, what you don't, and in what order to fix it. Delivered in Swedish or English.
WHAT YOU GET
Scope determination — are you legally covered under Cybersäkerhetslagen?
Gap analysis against all 10 NIS2 mandatory security measures
Board liability briefing — what management is personally responsible for
Incident reporting obligations explained — including the 24-hour early warning duty to MCF
Prioritised action plan — what to fix first, what can wait
Written report within 3 business days of assessment session
Who needs this | Companies with 50+ employees or €10M+ turnover in: energy, transport, banking, healthcare, water, digital infrastructure, food, manufacturing, chemicals, postal, or waste management. |
Timeline | 90-minute session + 3-day report turnaround |
Delivered as | Written gap report (PDF) + executive board summary — Swedish or English |
Price | 9,900 kr (fixed price) |
