Cybersecurity risk management measures should take into account the degree of dependency of the essential or important organisation on network and information systems and include measures to identify risks of incidents, to prevent and detect incidents, to respond to incidents, to enable recovery from incidents and to mitigate their impact.
The security of network and information systems should cover the security of data stored, transmitted and processed.
Over a period of time, to be determined based on the context and scope of application within each organisation, activities will be carried out to assess the level of compliance/maturity, prepare mandatory documented information, establish/consolidate a Risk Management process, establish/consolidate an Incident Management process, and operationalise all ongoing operation and management processes recommended by the NIS 2 Directive.
Our focus is to provide specialised and experienced assistance tailored to the specific needs of each organisation with the ultimate goal of compliance with the NIS 2 Directive.
Download brochure for more information here.
Find out how the DORA Regulation complements the NIS 2 Directive to strengthen cybersecurity in the financial sector. Find out more here.
