Information security and cyber security are two important perspectives in digitized operations. Sometimes the concepts are used synonymously, but usually together. The two concepts are closely related but do not mean the same thing, as the former focuses on the information (regardless of how it is handled and stored) while the latter focuses on the protection of digital systems.

The NIS Directive (Directive on Security of Network and Information Systems) adopted by the EU aims to achieve a high common level of security in networks and information systems within the European Union. The NIS directive is Swedish law, the law on information security for socially important services (LIS 2018:1174).

On 14 December 2022, the EU decided on NIS 2, the directive on measures for a high common level of cyber security throughout the Union. NIS 2 has a wider scope and also affects authorities and public administration.

Changes in the outside world actualize the need for information and cyber security.