What is NIS2?



The NIS2 Directive (Network and Information Systems 2) is a legal measure aimed at establishing cybersecurity standards for critical infrastructure across EU countries.


By implementing NIS2, the European Commission seeks to enhance cybersecurity within the European Union and boost international collaboration to counter cyberattacks.


The directive has been in force since January 16, 2023, and EU Member States are required to integrate it into their national laws by October 17, 2024. This initiative will assist approximately 160,000 entities in bolstering their security measures.

To be well prepared, organizations should start addressing the directive immediately rather than waiting for the finalization of local government drafts.

The NIS2 Directive updates the 2016 NIS Directive.



A significantly larger number of organizations are now affected, with the number of sectors expanded to 18. 

Organizations must assess cyberattack risks across their supply chain, and cyber risk management is now mandatory. 

Organizations are required to provide employee training and conduct cybersecurity audits. 

Senior management is personally liable for damages resulting from non-compliance with cyber risk management duties.

Severe penalties can be imposed for violations, and strict reporting requirements must be followed. 

Member States must designate a national CSIRT (Computer Security Incident Response Team).

Energy (electricity, oil, water, hydrogen)
Health (hospitals, laboratories, research and development, pharmaceuticals, medical device manufacturers)
Transport
Banking and finance
Drinking water
Waste water
Digital infrastructure
ICT service management in B2B
Space
Public administration
Postal and courier services
Waste management
Chemical products
Food
Processing/manufacturing industries
Digital services (online marketplaces, search engines, social networks)
Research

Do you supply an essential or important sector?

You are also indirectly affected by NIS2, because the directive requires critical infrastructure providers and entities in the 18 identified sectors to address cybersecurity throughout their supply chains.

Cyber risk management made easy with ASRM

Trend Micro's Attack Surface Risk Management (ASRM) leverages AI to automatically determine the risk score of your IT environment.

This technology evaluates your environment from an attacker’s perspective, gathering internal data from connected sensors and correlating it with security information from numerous external sources, including publications by government agencies, law enforcement, security companies, and analysts. 

Minimise the scope of damage with XDR

Even with the implementation of top-notch security measures, it's important to acknowledge that all risks cannot be entirely eradicated. Therefore, it's crucial to remain vigilant about the potential for attacks. To mitigate the impact of such incidents, the ability to swiftly detect and halt any threat is paramount.

Trend Micro XDR (Extended Detection and Response) offers the most effective solution for this purpose. XDR ensures comprehensive visibility across your entire IT infrastructure, gathering Security Intelligence from all connected systems and employing AI to analyze and translate it into actionable alerts.

This approach significantly reduces false positives, enabling you to promptly understand the nature of incidents, identify affected systems, and determine necessary actions.

How ASRM and XDR work together

ASRM and XDR are seamlessly integrated into Trend Vision One, a comprehensive cybersecurity platform that enables centralized monitoring and control.

Should ASRM identify a potential risk, XDR will conduct a thorough investigation, and conversely, if XDR detects indications of a cyberattack, ASRM promptly updates the risk status. Through this integrated approach, these two technologies collectively mitigate the likelihood of cyberattacks and limit the extent of potential damage.


Implementing NIS2 is a challenge because of a lack of security expertise and a shortage of IT professionals. Consequently, many SMBs will need to depend on Managed Service Providers (MSPs) to ensure and maintain NIS2 compliance in their daily operations.

Key requirements include:

Attack detection
Risk management
Reporting obligation
