So this isn't an official site from the EU, and is instead just a big add for a password management company https://uniqkey.eu/en_US/
As far as I can read in there as well the proposal hasn't been approved/ratified yet, so I don't know what fool is going to pay someone to prepare for a directive that isn't even official yet.
Especially considering that OP posted a link to uniqkey a couple months ago on HN (not necessarily wrong, but considering that downloading the "whitepaper" also asks for a bunch of PI...)
For those of you already familiar with NIS, this update increases the scope to more industries (e.g. waste management) but also reduces the work needed in some cases.
This practice of putting up official looking and sounding pages for things like this while just using it for marketing is borderline evil, another example would be this https://zanzibar.academy/
This is not the official site, but it has most of the information all together at one place. Also i the bottom you will find the big section where it disclaimer everything. So I don't see anything about fooling or fishy.
It does not. Other than mandating some details about cryptography and MFA, it's mostly about company processes, incident reporting, security training, risk assessments and such.
And it only affects corporations and other entities in a few select sectors of critical importance to society.
From a sysadmin perspective, these things are so unbelievably frustrating. Just give me a list of things we need to do and we will do it. I don't want to hunt for the requirements and need a law degree to implement it. I looked for what we need to do and I can't find it.
As far as I can read in there as well the proposal hasn't been approved/ratified yet, so I don't know what fool is going to pay someone to prepare for a directive that isn't even official yet.