The NIS II Directive is a European Union law adopted in 2022 to strengthen cybersecurity across member states. It expands the scope of the original NIS Directive by including more sectors and entities, such as energy, transport, health, and digital infrastructure. The directive requires critical infrastructure operators and essential service providers to implement robust cybersecurity measures, report significant incidents, and cooperate with national authorities. Its goal is to increase the overall resilience of networks and information systems in the EU, reduce cyber risks, and improve incident response. NIS II also introduces stricter supervisory measures and harmonized sanctions for non-compliance.