The implementation of the NIS 2 Directive brings new cybersecurity obligations for gaming operators and their suppliers in the EU. This article outlines the directive’s requirements and how it relates to the gambling industry, focusing on its impact, compliance timelines, and associated obligations.
Key Points
- The NIS 2 Directive enhances cybersecurity measures for essential and important entities, including some gambling operators.
- Categories affected include Digital Service Providers and Managed Service Providers relative to gambling services.
- Italy’s Legislative Decree No. 138/2024 implements the directive, mandating compliance registration and reporting timelines.
- Malta’s Legal Notice 71 of 2025 introduces a new compliance framework, replacing the previous NIS 1 regime.
- Entities must implement cybersecurity controls, including risk management and incident reporting obligations.
- Non-compliance could result in significant fines, emphasising the need for proactive measures.
Why should I read this?
If you’re in the gambling sector or related industries, this article is a must-read! The NIS 2 Directive could affect your operations significantly. Staying ahead of these new obligations means you can avoid hefty fines and ensure your cybersecurity measures are up to scratch. We’ve done the heavy lifting for you—dive in to get the full picture!