Annex II — Important Entities · Research

🔬NIS2 for Research Institutions — deadlines, obligations, fines

Research Institutions fall under NIS2 (Directive (EU) 2022/2555 + Romanian Emergency Ordinance 155/2024). See Art.21 obligations, deadlines, max fines and compliance roadmap for Annex II.

📋 Key obligations

▸ Academia Română, INCAS, ICEMENERG, universitățile cu cercetare critică
▸ Securitate date cercetare + IP
▸ Audit anual
▸ Plan continuitate
▸ Notificare incidente

⚠️ Typical threats

• Espionaj academic (state actors)
• IP theft
• Ransomware

💰 Maximum fines

Max 7 mil. EUR sau 1.4% cifra afaceri

📊 Romania compliance status

Universități + institute de cercetare sub 20% conformitate.

🛡️ How CAI Technology helps

AEGIS — Observability + SecOps with AI

Unified SIEM for on-premise DCs: logs + metrics + threat detection + AI incident analysis.

CAI-AUTH — Post-Quantum Identity Provider

OIDC IdP built in Romania with post-quantum cryptography (hybrid post-quantum signatures). Patent Pending.

Lexnomia — EU Compliance Audit Platform

Self-serve compliance audit across 7+ EU regulations: GDPR, NIS2, DORA, EU AI Act, ISO 27001, CRA, DSA.

Are you in the research institutions sector?

Free NIS2 audit for companies with 50+ employees. We reply within 24 business hours.

Request audit →