Every industrial cybersecurity question demands a tailor-made answer and solution. Our focused team of professionals who understand your business are here to assist your company in securing your mission critical facilities to the highest level.
The European Parliament and EU Member States reached a political agreement on May 13 on the Directive on measures for a high common level of cybersecurity across the Union (NIS 2 Directive).
The existing rules on the security of network and information systems (NIS Directive) were the first piece of EU-wide cybersecurity legislation and have paved the way for a significant change in mindset, institutional and regulatory approach to cybersecurity in many Member States.
To respond to Europe’s increased exposure to cyber threats, the NIS 2 Directive now covers medium and large entities from more sectors critical to the economy and society, including providers of publicly available electronic communications services, digital services such as datacenters that now also belong to ‘critical infrastructure’ and must therefore meet certain minimum requirements.
Extending the scope covered by the new rules, by effectively requiring more entities and sectors to adopt cybersecurity risk management measures, will help raise the level of cybersecurity in Europe in the medium and long term.
The NIS 2 directive also strengthens the cybersecurity requirements imposed on businesses, addresses the security of supply chains and supplier relationships, and introduces top management accountability for non-compliance with cybersecurity obligations.
It streamlines reporting obligations, introduces stricter supervisory measures for national authorities, as well as stricter enforcement requirements, and aims to harmonize sanctioning regimes in Member States. It will contribute to increased information exchange and cooperation on cyber crisis management at national and EU level.