Free trial Request quote Contact me
28March
There will be more: When it comes to NIS
Network and Information Security (NIS) is a new EU directive scheduled for launch 2018 - just like GDPR. The NIS Directive implies that all organizations that carry out socially relevant activities and utilities, such as water supply, power supply, transport, healthcare, etc., must demonstrate that they are structured and continuously working to meet IT security requirements. In other words, municipalities, county councils, authorities and private companies all need to be concerned about these requirements.
By Stefan Thelberg Topics: GDPR, NIS, General Data Protection Regulation

In the wake of the new Data Protection Regulation (GDPR), yet another EU directive will be launched shortly. Admittedly, NIS has perhaps been slightly overshadowed due to its "big sister" GDPR, which is understandable given GDPR's drastic impact for more or less all organizations in the EU. The difference between GDPR and NIS, however, is clear and distinct. GDPR is designed to strengthen individuals' protection of personal data, which indirectly demands increased IT security, while NIS directly places demands on IT security work in general. Under NIS, organizations must be able to demonstrate that they work in a structured and continuous manner with the security of their IT environment and in addition, that security incidents are reported as required.

As per the directive, the EU urges the organizations concerned to take the necessary measures to be protected and to ensure that socially important vital functions are maintained at all costs, even within the span of an IT attack.

Many organizations wonder if NIS is justified or if it can be seen as an excessive enforcement of this type of new-era regulations? At Holm Security, we see nearly every day why the NIS is needed. According to our own market research (conducted in February / March 2015), fewer than 1/3 of all organizations have a structured protocol for working with their IT security. In reality, the number is probably even less. Taking municipalities as an example, MSB (Swedish Civil Contingencies Agency) did a 2016 survey that showed that 7 out of 10 Swedish municipalities do not work systematically with their information security. Here too, it is likely that the proportion in reality is higher than reported. You can read about MSB's survey at https://www.msb.se/new-requestions-to-communities-work-with-informationsupport.

In the coming year (2018) an alarming number of organizations are likely to be blindsided by these new regulations and their implications. Instead of waiting, see today how you can control the security of your entire IT environment with ease and efficiency. Don’t hesitate to talk to us about how Holm Security VMP can quickly and efficiently help secure your organization.

About the author
Stefan Thelberg has worked with IT security for the entirety of his career, and is the founder of successful IT security company Stay Secure - a standout firm in the real of email and web security.

Stefan Thelberg
+46 (0)739-99 33 12
stefan.thelberg@holmsecurity.com