Chances are the answer is yes. That’s why we’re here to help you understand who exactly it impacts and how it will help improve your cyber-attack preparedness.
The clock is ticking for EU countries, as they are expected to bring NIS2 (The Network and Information Security Directive) into national law within 2024. This directive regulates the cyber and information security of companies and institutions, according to the EU.
The EU has been quite forward leaning in terms of the cyber-security of its member states. NIS2 marks a continuation and increase in protective measures, building upon the first NIS direction due to the rapid escalation in threat levels in recent years.
NIS1 was introduced in 2016 as a solid first step to secure the more essential services on which society depends. NIS2 is going even further, looking beyond just critical services, to now protect a wider range of industries and companies of all sizes.
What does NIS2 require of European companies?
NIS2 requires organizations to take greater risk management measures to both prepare for and prevent a cyber-attack, and to recover faster after it. The aim is to protect networks and information systems through proactive steps that help build resilience. Compliance with the measures in NIS2 are designed to empower organizations to act quickly when under attack.
Some of the measures required by NIS2 include implementing policies on risk analysis and information security, as well as business continuity planning to ensure that a back-up is in place and damage can be minimized during a disaster or crisis. Companies are also required to have cyber security training in place, as well as introduce other security measures, such as multi-factor or other types of authentication solutions.
What types of companies will have to comply with NIS2?
More sectors are now in scope with NIS2, as we see that cyber-attacks are not only targeted at the industry giants. Even small companies and non-critical sectors are a growing target for threat actors. This directive now covers critical industries (like water and electricity), transportation (trains, highways, air travel, boats), banking, healthcare, digital infrastructure, ICT management, public administration and more. As you can see, it’s far wider in scope and many more sectors must ensure their compliance.
What does NIS2 mean for my video conferencing solution?
One of the new criteria in NIS2 is specifically related to business continuity planning. The directive dictates that a back-up management and disaster recovery solution is in place. During any crisis or disaster, communication is key, but the system or infrastructure may be affected to the extent that communication is not possible through the typical means.
Pexip specializes in business continuity and disaster recovery, as it’s built to be able to operate complete offline. We can offer our product completely self-hosted, even in air-gapped environments, so that it’s not affected by network outages, digital attacks or other disasters that may hit. It means that all systems may fail, but Pexip’s video meetings can still run at a time when communication is of utmost importance.
- Meet & collaborate securely
- Business continuity