NIS 2 and DORA: What impact will they have on cloud service providers?

The number of entities that will be subject to NIS 2 is estimated to be 10 to 30 times greater than those affected by NIS 1. This directive has not yet been transposed in all European countries. The DORA regulation on cybersecurity in the financial sector, in force since January 2025, is already impacting third-party cloud and ICT providers.