Are you compliant with the new UK cyber security law? Take part in our readiness survey

On 10 May 2018, the NIS Directive (Directive on security of network and information systems) was transposed into UK law as the NIS Regulations (The Network and Information Systems Regulations 2018).

OES (operators of essential services) and DSPs (digital service providers) that fall within its scope are expected to comply. Non-compliance could lead to a fine of up to £17 million.

What are the compliance requirements?

The NCSC (National Cyber Security Centre) has published 14 high-level principles that OES are expected to implement in their compliance projects. A CAF (cyber assessment framework) has been developed from these principles and will be used during audits of OES to ensure they are meeting all the necessary requirements. OES can also use the CAF to self-assess their current compliance needs.

The NIS Regulations reinforce DSPs’ compliance with the Commission Implementing Regulation, which outlines the steps DSPs must take to comply with the NIS Regulations. Because of DSPs’ cross-border nature, the Commission Implementing Regulation applies to all DSPs across the EU.

Take part in the readiness survey

IT Governance has launched a survey that aims to explore the current compliance awareness and readiness of OES and DSPs that fall within the scope of the NIS Regulations.

This survey will help organisations assess their own general awareness and readiness to meet the NIS Regulations’ requirements and gain a clear picture of the NIS Regulations landscape.

By completing either of these surveys, you stand a chance of winning a voucher worth £300 that can be used against any product or service purchased from IT Governance.
