News / 15.1.2026

Cyber security high on the agenda for Grieg Connect

Grieg Connect has successfully completed an independent NIS2 verification, confirming that our security routines meet the latest standards for digital services in European ports.

What is NIS2

NIS2 (Network and Information Security Directive 2) is the EU’s updated cybersecurity directive for organisations that deliver or support essential services such as ports, transport, energy, water supply, and digital infrastructure.

The directive sets clear legal requirements for organisations to have documented and verifiable processes covering:

  • Cyber risk management
  • Incident detection and reporting
  • Supplier and third‑party security
  • Management accountability

NIS2 replaces the earlier NIS directive and introduces stricter, more harmonised rules across all EU member states. Each country must implement the requirements into national law, and organisations can face sanctions and substantial fines for non‑compliance.

What the Verification Covers

The assessment reviewed how Grieg Connect manages

risk and prepare for incidents as well have structured approach for reporting of incidents and data breaches. Other parts of the assessment include supplier relationships and protecting of sensitive data.

Grieg Connect operates, according to recognised security practices and established processes, to ensure system stability and resilience.

Why This Matters

Ports rely on digital tools for daily operations—planning, billing, security, and vessel handling. These systems must have clear rules for data management and incident response.

Port management information systems must be reliable. NIS2 verification demonstrates that our security framework is in place. The goal is simple: stable, robust PMIS that ports can trust over time

Morten Berntsen, Head of Projects and Data Security, Grieg Connect

A Common Baseline

Across Europe, ports and suppliers are aligning with shared security expectations. NIS2 creates a clear baseline so operators know what to expect from the systems they use. A NIS2 verification confirms that key routines— risk reviews, supplier checks, monitoring, and incident handling—are documented and active.

Continuous Improvement

Security is an ongoing process. Threats evolve, and systems develop. Grieg Connect conducts regular reviews, updates, and monitoring to stay ahead of new requirements and risks.

Get in touch with our team if you would like to hear more about our efforts in this area.