In 2023, the EU enacted a directive on measures for a high common level of cybersecurity across the Union — Directive 2022/2555, or the NIS 2 Directive — which comes into enforcement on October 17, 2024. This worksheet provides an overview of the high-level implications for essential and important entities subject to the NIS 2 Directive. It helps organizations understand the requirements they must meet and supplies Forrester’s preparation recommendations and related research, where available, that can support requirements implementation.