
Cybersecurity is no longer confined to the IT department. With attacks increasing in scale and sophistication, and as digital and physical systems become more interconnected, the pressure is on for businesses to raise their cyber defences—especially those operating in critical sectors.
The European Union’s updated Network and Information Security Directive (NIS2) is the most significant cybersecurity legislation the EU has introduced to date. And while its main goal is clear—strengthening resilience across essential and important services—it also signals a shift in how businesses must approach cybersecurity: with structure, accountability and speed.
To support companies in understanding where they stand, Honeywell has developed a free NIS2 Readiness Quiz. It’s designed to give organisations a clearer view of how well their current policies, infrastructure, and reporting processes align with the directive’s requirements.
What is NIS2—and why does it matter?
NIS2 replaces the original NIS Directive introduced in 2016. The new version tightens security obligations and broadens the sectors covered. It applies to both “essential” entities (such as energy, healthcare, digital infrastructure, transport, and finance) and “important” ones, including manufacturers of critical products, food supply chain operators, and providers of postal, waste and water services.
Organisations within scope will be expected to:
- Implement risk management measures
- Report significant incidents within strict timelines (initial notification within 24 hours, full report within 72 hours)
- Ensure board-level accountability
- Secure their supply chains
- Be subject to stronger enforcement processes, including the risk of fines for non-compliance
This is more than a technical requirement—it’s a business-wide obligation.
Why physical security businesses need to pay attention
The physical security industry is not exempt. As cameras, access control systems and other security technologies become more integrated with IT networks, the risk of cyber compromise grows—and so does scrutiny from regulators and clients.
For integrators and installers, NIS2 readiness may become a requirement when working on government or critical infrastructure projects. For manufacturers, developing cyber-secure products and updating them regularly will be key to remaining competitive and compliant.
If your business supports, supplies, or partners with organisations in sectors covered by NIS2, the directive is relevant to you, even if you’re not directly listed.
Honeywell’s quiz: a starting point for readiness
To help organisations gauge their level of preparedness, Honeywell has created a practical, quick-access quiz that covers core areas of compliance, including:
- Cyber governance and leadership involvement
- Risk assessment and mitigation
- Detection and incident response capabilities
- Reporting processes
- Supply chain security
At the end, participants receive an assessment of where their organisation stands, along with recommendations on next steps. It’s not a certification or audit, but it is a useful conversation starter and a way to identify potential gaps.
Honeywell’s aim with this initiative is clear: to help the industry get ahead of what’s coming, before enforcement begins.
Taking action now makes sense
The compliance deadline for NIS2 is approaching, with EU member states required to transpose it into national law by October 2024. That gives organisations a limited window to act.
For those already aligned with standards like ISO/IEC 27001 or NIST CSF, the road may be smoother, but there are still NIS2-specific requirements to meet, particularly around governance and response times. For others, this may be the first time cybersecurity obligations are being felt at every level of the business.
Honeywell’s quiz is a small but valuable step in a much larger journey—and one that reflects the growing awareness across the security industry that compliance, resilience and trust are now intertwined.
Take Honeywell’s NIS2 Readiness Quiz and start the conversation inside your organisation. Knowing where you stand is the first step toward meeting the standard—and protecting what matters most.
Has your organisation taken the quiz? We’d love to hear your experiences or tips for compliance. Get in touch at [email protected] or join the conversation on LinkedIn.







