Logo
StreamLex Home
Logo
StreamLex Home
Laws
Laws
Recitals
Recitals
News
Trackers
Resources
Contact
About Us
News
Recitals
Trackers
Resources
Newsletter
Terms of Use
Privacy Notice
LinkedIn
undefined | StreamLex

Cybersecurity roles and skills for NIS2

Cybersecurity roles and skills for NIS2 Essential and Important Entities

This guidance outlines how NIS2 obligations (such as risk management and incident reporting under Articles 21 and 23) are mapped to relevant European Cybersecurity Skills Framework (ECSF) roles. It provides detailed mappings of 12 ECSF role profiles—like CISO, incident handler, system admin—to specific regulatory tasks and deliverables. Practical use‑cases demonstrate how medium‑sized organisations can plan staffing, upskill or outsource to meet legal requirements. The guidance also helps Member States align workforce strategies with NIS2 implementation objectives.

Metadata

Author: European Union Agency for Cybersecurity (ENISA)

Status: Adopted / Published

Adoption date: 2025-06-26

Last updated: 02 Sept 2025

Category: Guidance

Subcategory: Official guidance

Relevant laws and articles:

NIS2
21
23
Source URL:https://www.enisa.europa.eu/publications/cybersecurity-roles-and-skills-for-nis2-essential-and-important-entities

View Documents

Viewing: Mapping NIS 2 obligations with ECSF role profiles

© 2026 StreamLex

NewsletterAbout UsTerms of UsePrivacy NoticeManage Cookies

© 2026 StreamLex