Cybersecurity by Industry: Sector-Specific Guidance
Different industries face different cyber threats and have different compliance requirements. These guides provide sector-specific advice tailored to your business context.
Industry Guides
Healthcare Cybersecurity
Protecting patient data, securing medical devices, and meeting NIS2 Essential requirements
Manufacturing Cybersecurity
OT security, supply chain protection, and securing production environments
For IT Partners & MSPs
Offer cybersecurity services to your clients with white-label solutions and partner programs
Professional Services
Cybersecurity for lawyers, accountants, consultants - protecting client confidentiality
Retail & E-commerce
Payment security, PCI-DSS, and protecting customer data in physical and online stores
NIS2 Sector Classification
NIS2 divides organizations into Essential and Important entities based on sector:
Essential Entities (stricter requirements)
- Energy
- Transport
- Banking
- Health
- Drinking water
- Digital infrastructure
- Public administration
Important Entities
- Manufacturing
- Food
- Chemicals
- Postal services
- Waste management
- Digital providers
Coming Soon
Financial Services
Banking, insurance, and DORA compliance
Not Sure Which Guide Fits?
Start with our NIS2 scope assessment to understand your classification, then use the relevant industry guide for implementation details.
Frequently Asked Questions
Why does industry matter for cybersecurity?
Different industries face different threats, have different regulatory requirements, and operate different types of systems. A one-size-fits-all approach misses critical sector-specific risks.
How do I know my NIS2 classification?
Your classification depends on your sector and size. Check our "Who Must Comply" guide for detailed criteria, or use our scope assessment tool.
What if my industry isn't listed?
Start with the CyberFundamentals framework - it applies to all industries. We're adding more sector guides over time. Contact us if you need specific guidance.