On 10th May 2018, the NIS Directive came in to force, with the aim to improve the security and resilience of network and information systems across the EU, as well as increase cooperation between member states.
The directive requires Operators of Essential Services (OESs) and Relevant Digital Service Providers (RDSPs) to:
Why is this important?
1. Adhering to the directive will help you to achieve organisational resilience and respond effectively to cyber threats
2. Non-compliance could lead to significant fines and cause reputational damage
Is my organisation subject to the regulation?
Industry regulators, otherwise known as Competent Authorities (CA), have or are in the process of defining the thresholds for whether an organisation is in scope. The general descriptions of each type of organisation that is subject to the regulation is set out in schedule 2 of the NIS Regulations 2018.
As an OES or RDSP, you will need to:
We can support you in your journey to compliance with the NIS Directive. In order to establish your present and target state, we have developed a NIS readiness assessment workshop, which, combined with our subject matter expertise, is an excellent first step and can support you in:
What do I need to do now?
Who can I speak to?
If you would like to speak to us about the NIS Directive, how it will impact your organisation, or how we can support you, please get in touch with one of our team.