Swedish Energy Agency
Swedish Energy Agency
01/15/2026 | Press release | Distributed by Public on 01/15/2026 02:04
New Cybersecurity Act enters into force in Sweden
The NIS2 directive is implemented into Swedish law by the new Cybersecurity Act.
The Cybersecurity Act (2025:1506) and the Cybersecurity Ordinance (2025:1507) enter into force today, 15 January 2026. This means that the NIS2 Directive, which aims to raise the overall level of cybersecurity across the EU, is implemented into Swedish law. At the same time, the NIS Act (2018:1174) on Information Security for Essential and Digital Services is repealed.
The Cybersecurity Act requires entities within its scope to:
- register with the regulatory authority
- implement appropriate security measures
- provide management training
- report significant incidents.
"With the Cybersecurity Act and the new Ordinance entering into force today, Sweden is taking an important step towards strengthening the overall level of cybersecurity within the EU," says Titti Norlin, Head of Unit at the Swedish Energy Agency.
Last updated: 2026-01-15
Swedish Energy Agency published this content on January 15, 2026, and is solely responsible for the information contained herein. Distributed via Public Technologies (PUBT), unedited and unaltered, on January 15, 2026 at 08:04 UTC. If you believe the information included in the content is inaccurate or outdated and requires editing or removal, please contact us at [email protected]