There's less than a month left until the deadline for transposing NIS2 into national law.
What you need to know:
NIS2 is the most comprehensive European cybersecurity directive to date, presenting stricter requirements for risk management and incident reporting.
With broader coverage of sectors and tougher sanctions for non-compliance, hundreds of thousands of EU organizations will have to re-evaluate their cybersecurity stance.
What has changed:
- There has been an increase in the sectors of activity covered by NIS2 compared to NIS1.
- Examples of new sectors are: Wastewater; Space; Public Administration; Research; Production, Processing and Distribution of Food Products; Production, Processing and Distribution of Chemical Products; Postal and Courier Services; Waste Management; Manufacturing; ICT Service Management.
- Compared to NIS1, there has also been a very significant increase in the fines that non-compliant organizations can be subject to.
Why you should comply:
Organizations that do not comply with the NIS2 directive may be subject to the following fines:
- Essential entities may be subject to fines of up to 10 million euros or 2% of their global turnover, whichever is higher.
- Significant entities may be subject to fines of up to 7 million euros or 1.4% of their global turnover, whichever is higher.
In addition to monetary sanctions, non-compliant organizations can be subject to non-financial measures, such as compliance orders, binding instructions, notification and communication requirements for the parties involved, and implementation of changes based on safety audit findings.
How CyberSafe can help:
We can help your organization implement NIS2 measures to ensure compliance with this Directive, either through compliance consultancy services that help implement measures to meet NIS2 requirements, or by providing solutions and services to operationalize some of the measures:
1) Consulting services for policy development and risk analysis
2) SOC as a Service and Incident Response services
3) RiskRecon solution for identifying supplier security risks and weaknesses
4) Security Assessment Services, vulnerability analysis, Pentesting and Red Team Services
5) Security Awareness Services
6) Data encryption solutions
7) Access control solutions
8) Multi-factor authentication solutions
When it comes to cybersecurity, we are always at the forefront, with the latest and most innovative solutions and the services that best suit the needs of organizations.
If you would like to know more about how your organization can become more cyber secure, please contact us.