NIS2 & AI Act

Article 21 of NIS2 requires essential and important entities to take appropriate and proportionate technical, operational and organisational measures to manage risks to network and information systems. This includes information security policy, risk analysis, business continuity and supply chain security. Crucially, NIS2 applies the principle of "security-by-design" — security must be built into systems, not added as an afterthought.

Article 15 of the AI Act imposes a similar requirement on high-risk AI systems: they must be resilient against attempts by unauthorised third parties to alter their use, outputs or performance. This includes protection against adversarial attacks, data poisoning and other AI-specific threats. In sectors such as healthcare, energy and transport — sectors that are typically NIS2 entities — this means that AI systems controlling critical processes must simultaneously meet both security standards. A joint architecture review and integrated security test saves considerable effort.

Article 23 of NIS2 requires entities to report significant incidents to the competent authority within strict timelines: an early warning within 24 hours of identifying the incident as significant, a detailed incident notification within 72 hours, and a final report within one month. An incident is "significant" if it causes serious operational disruptions or financial losses, or significantly affects other entities or persons.

Article 62 of the AI Act requires providers of high-risk AI systems to report serious incidents to the national market surveillance authority. Deployers — the organisations using the system — must notify the provider. A "serious incident" under the AI Act includes incidents that pose a risk to the health, safety or fundamental rights of persons, or that cause material damage to property. In practice, one and the same event — an AI system making incorrect decisions in a hospital due to a cyberattack — can simultaneously qualify as both a NIS2 incident and an AI Act incident.

Article 21(2)(d) of NIS2 explicitly requires entities to address supply chain security, including the security aspects of relationships with direct suppliers and service providers. This means: due diligence on suppliers, contractual security requirements, and periodic assessment of their security level. For digital service providers — including cloud providers, managed service providers and AI providers — additional requirements apply.

The AI Act structures responsibilities through a provider/deployer chain. The provider (developer) is responsible for technical documentation, conformity assessments and registration. The deployer (user of the system) is responsible for correct use, human oversight and passing incidents to the provider. For a NIS2 entity that procures a high-risk AI system from an external provider, both NIS2 supplier obligations (supply chain security) and AI Act deployer obligations (governance, oversight, incident notification) apply. Both sets of obligations must be anchored in supplier contracts.

Article 20 of NIS2 is remarkable in the European regulatory landscape: it explicitly holds the management body (board of directors, executive board) responsible for compliance with cybersecurity obligations. Board members are required to follow training to have sufficient knowledge of cybersecurity risks. In cases of demonstrable negligence, board members can be personally liable. This represents a fundamental shift of cybersecurity from a technical to a board-level responsibility.

Article 26 of the AI Act imposes comparable governance obligations on deployers: deployers must ensure that high-risk AI systems are used correctly, that there is human oversight, and that involved staff are sufficiently trained. Although the AI Act does not introduce explicit board member liability as NIS2 does, the expectation of regulators is clear: AI governance must be placed at board level. Organisations combining NIS2 and AI Act obligations effectively have no choice: the board must demonstrably be involved in both cybersecurity and AI governance.

NIS2 defines essential entities in eleven sectors: energy, transport, banking, financial market infrastructure, drinking water and wastewater, health, digital infrastructure, ICT service management, space and public administration. The AI Act defines high-risk AI systems in Annex III based on application and sector — and the overlap with NIS2 sectors is striking.

Hospitals using AI for triage are essential NIS2 entities and deployers of high-risk AI (Annex III, point 5: life and critical private and public services). Energy companies using AI for network management are essential NIS2 entities and deployers of high-risk AI (Annex III, point 2: critical infrastructure). Municipalities using AI for benefit decisions are NIS2-bound public administrations and deployers of high-risk AI (Annex III, point 8: government authorities). The sector overlap is no coincidence: both frameworks target applications with significant societal impact.