blog に戻る

2023年12月19日 George Gerchow

NIS2: Prepping your cybersecurity plan

NIS2: Prepping your cybersecurity plan

If you are an organisation that operates or does business in the European Union (EU), then your team is likely preparing for the NIS2 Directive, an EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU and goes into effect on October 17, 2024.

However, according to a survey by cybersecurity firm Sailpoint (and a Sumo Logic customer), only 34% of organisations in the UK, France, and Germany are prepared for NIS2. With just under a year to go, businesses need to put the pedal to the metal when it comes to NIS2 compliance and get ahead on their cyber preparation.

What is NIS2

NIS2 is the EU’s latest effort to strengthen the security of networks and information systems (it’s very similar to the recent SEC regulations). It builds on the foundation of NIS1, expanding its scope to cover a broader range of sectors, including digital service providers and online platforms. The directive aims to enhance the overall cybersecurity posture across critical sectors, such as energy, transportation, health, and more.

NIS2 is crucial for bolstering the cybersecurity resilience of critical sectors by expanding regulatory oversight to include a broader array of entities, such as digital service providers and online platforms. By promoting a standardised and comprehensive approach to cybersecurity, NIS2 plays a pivotal role in fostering a safer digital environment, ultimately safeguarding both businesses and the public against the increasing sophistication of cyber attacks.

Getting started

If your organisation is just getting started, time is of the essence. We recommend preparing for NIS2 immediately with tabletop exercises to be proactive about implementing the regulation’s rules. As part of this exercise, here are some key questions you should consider:

  • What can you do ahead of time to protect yourself and prepare for NIS2 requirements?
  • Do you have the right tooling to detect an incident early?
  • Are you ready for incident reporting and communications internally and externally?
  • What is your preparation plan? 
  • Will you purple team/other exercises to test and improve your systems and processes?

Evaluate your security tooling and log strategy

We’ve said it once and we’ll say it again – when it comes to cybersecurity, it all comes down to the logs. Being compliant doesn’t mean you’re secure, so consider the security tooling you have in place. Do you have the right tools that will help you quickly demonstrate security best practices and compliance readiness at cloud-native scale? 

Learn more about Sumo Logic’s audit compliance capabilities and advanced analytics so you can confidently plan for NIS2 and any other number of compliance regulations.

As cyber threats evolve, the public is increasingly concerned about the security of digital services and sensitive information. Adhering to NIS2 standards reassures your customers, clients, and stakeholders that you prioritise the security and integrity of their data. Maintaining a strong cybersecurity posture helps protect your organisation's reputation, fostering trust and confidence among your user base.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic cloud-native SaaS analytics

Build, run, and secure modern applications and cloud infrastructures.

Start free trial
George Gerchow

George Gerchow

CSO and SVP of IT

As Sumo Logic's CSO and SVP of IT, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. George has been on the bleeding edge of public cloud security, privacy and modernizing IT systems since being a co-founder of the VMware Center for Policy & Compliance. He is a Faculty Member for IANS - Institute of Applied Network Security and sits on several industry advisory boards. Mr. Gerchow is also a known philanthropist and CEO of a nonprofit corporation, XFoundation.

More posts by George Gerchow.

これを読んだ人も楽しんでいます