NIS2 – Page 2 – CIO.works

ENISA NIS360 2024 Report: a Comprehensive Look at Cybersecurity Maturity and Criticality of NIS2 Sectors

ENISA's NIS360 2024 report assesses the cybersecurity maturity and criticality of NIS2 sectors in the EU, identifying improvement areas. Key findings highlight that electricity, telecoms, and banking are the most mature and critical, while digital infrastructures lag. Recommendations stress enhanced sector collaboration, development of specific guidance for NIS2 implementation, and cross-border cooperation. Other sectors like ICT, space, and health face unique challenges requiring tailored guidance and awareness to improve resilience. The report aims to inform national authorities and policymakers for effective strategy development.

https://www.enisa.europa.eu/news/enisa-nis360-2024-report

ENISA: Embedding Resilience in Critical Infrastructure

By CIO / Blog / cybersecurity, NIS2, supply chains

ENISA, led by Marnix Dekker, focuses on enhancing cybersecurity for critical infrastructure in the EU, emphasizing support for smaller suppliers against supply chain attacks. Compliance with the new NIS2 regulations is key to maintaining operational resilience. ENISA aims for harmonized security practices across member states to avoid fragmented approaches that could hurt collective cybersecurity. Dekker's team works on implementing NIS directives and fostering collaboration to aid less-secure sectors.

https://www.databreachtoday.com/enisa-embedding-resilience-in-critical-infrastructure-a-27351

Network and Information Systems (NIS2)

By CIO / N / cybersecurity, NIS2

NIS2 Directive: EU cybersecurity legislation enhancing network information security for critical sectors, expanding scope, improving risk management, and increasing penalties for non-compliance.

The NIS2 Mandate: What Every Organization Needs to Know

By CIO / Blog / cybersecurity, NIS2

NIS2 Directive enhances cybersecurity for critical sectors in the EU. Compliance deadlines set for October 2024. Organizations must identify if they fall under NIS2, which covers 18 sectors, and implement mapped cybersecurity controls. Stricter reporting requirements include notifying incidents within 24 hours. Organizations should prepare via review of NIS2, conduct exercises, and enhance employee training. Ongoing communication with local authorities and external advisors is advised. Continuous improvement expected as member states implement legislation.

https://www.sans.org/blog/the-nis2-mandate-what-every-organization-needs-to-know/