Did you know that...
NIS2 means tougher sanctions.
If the directive is not followed, it can lead to significant fines, often based on the company's revenue. Management responsibility is also a key point.
NIS2 requires that management is not only informed about cybersecurity risks but also actively engaged in managing them. This means that if the organization fails to comply with the directive's requirements, for example by not implementing adequate security measures, management can be held personally liable.
Even more sectors are covered.
NIS2 imposes requirements for improved cyber hygiene and employee awareness.
A key requirement in NIS2 is that organizations implement good "cyber hygiene," which includes fundamental security measures such as password practices, system updates, and employee training. This applies not only to the organization itself but also to the partners it collaborates with.
NIS2 has an indirect impact through the supply chain.
Even if an organization is not directly covered by NIS2, it can be affected if a supplier, partner, or customer is subject to the directive.
If a critical supply chain experiences a cyberattack or operational disruptions, it can have consequences for organizations that depend on that chain.
NIS2 requires incident response and continuity planning.
NIS2 requires organizations to have robust plans for incident response and business continuity. This ensures that cyber incidents can be addressed swiftly and their impact on operations minimized, even if the incident occurs elsewhere in the supply chain.
Would you like to know more? Contact us at sales@gridheart.com