Cybersecurity regulation is tightening. Companies must act now to ensure compliance and seize the opportunity to improve their security posture. But understanding which of the growing number of regulations, directives, or regulatory frameworks apply to organizations operating in Europe’s critical infrastructure sectors can be daunting.

The DNV Cyber Regulation Compass provides guidance.

How it works

Answer a few simple questions about a company’s business, sector, and operations, and a simple scoring mechanism provides guidance on which key cybersecurity regulations, directives, or regulatory frameworks could apply to the organization’s activities in the EU. The Regulation Compass will indicate the likely relevance of NIS2, the AI Act, CER, CRA, DORA and IMO/IACS.

Key benefits

Drawing on DNV Cyber’s expertise, the tool reflects the latest requirements that regulations, directives, or regulatory frameworks are imposing on operators, suppliers, and distributors in critical infrastructure sectors in Europe. The findings point to companies' potential compliance needs and supports further planning and priorities.

By identifying potentially overlapping regulatory demands, the compass can also identify possible synergies to tackle these needs together rather than repeating tasks.

We hope that this regulation compass will prove valuable for organizations' initial compliance planning efforts.

DNV Cyber experts are specialized to aid further progress by sharing regulatory knowledge, assisting clients stay ahead of developments in their industries and geographies.