Adapting to the NIS2 Directive proposal: the implications for companies in Latvia

Abstract

This Bachelor Thesis focuses on the legal framework of cybersecurity applicable in Latvia, specifically the NIS2 Directive and the implementation of it. This topic is currently important due to the rules of the NIS2 Directive being applied as of October 2024. This means that Member States of the European Union have been and currently are working on changes in their legal acts in order to comply with the regulations of the NIS2 Directive. Undeniably, this will affect the businesses in Latvia, as they will also have to make certain internal changes in order to comply with the new regulations. The aim of this Bachelor Thesis is to analyze the legal framework of cybersecurity in the European Union and in Latvia, covering also the topic of return of investment (ROI) within the scope of cybersecurity. The main research question is: how do businesses in Latvia within the scope of NIS2 Directive justify and measure the return of investment (ROI) in cybersecurity measures required by the Directive, and what business impacts do these investments have on their financial performance? The main goal of this Thesis is to research the legal framework of cybersecurity and ROI within the scope of cybersecurity.