Products
System & Network Scanning
Find vulnerabilities in your entire infrastructure
Web Application Scanning
Find vulnerabilities in your web apps and APIs
Phishing & Awareness Training
Increase resilience against social engineering
Business needs
Information
Partner solutions
COMPLIANCE
The NIS (Network and Information Security) Directive is an EU-directive that sets security demands aimed to improve the overall protection of critical infrastructure for essential and certain digital services. All organizations that are regarded as essential services must work systematically with their information security - and demonstrate compliance.
NIS (The Directive on Security of Network and Information Systems) is the first EU directive to increase cyber security throughout the EU. On May 9th, 2018, each EU member state must have implemented NIS in its local legislation. The NIS directive sets requirements for cyber security in networks and information systems. The law covers private and public providers of vitally important services – or so-called operators of essential services. The background to NIS is the growing threat to all types of organizations - not least from foreign powers.
The following sectors are affected by the NIS directive:
Including subsectors; electricity, oil, and gas.
Including subsectors; air transport, rail transport, shipping, and road transport.
Including subsector; healthcare environments (including hospitals and private clinics).
Delivery and distribution of drinking water.
Financial market infrastructure, e.g., payment services
Banking activities of various kinds.
Digital infrastructures, such as the delivery of DNS and TLD registries.
To strengthen the internal market and reduce susceptibility, NIS requires essential community services to adopt a systematic and risk-based security approach and report incidents.
According to NIS, organizations providing vitally important services have several primary obligations:
On December 16th, 2020, a proposal was submitted to the European Commission regarding a new NIS directive called NIS 2 or NIS 2.0. A revision of NIS, which, if adopted, will affect more sectors to comply with NIS. Vitally important services include postal and courier services, waste management, chemicals, food, manufacturing of other medical devices, computers and electronics, machine equipment, motor vehicles, and digital suppliers. When NIS 2 will come into force has not been determined, and the proposal is under evaluation. Once the directive is adopted, each EU member state will have 18 months to implement the directive as local legislation.