The Directive on security of network and information systems (NIS Directive) comes into effect on 10 May 2018. It requires operators of essential services (OES) that are established in the EU, and digital service providers (DSPs) that offer services to persons within the EU, to enhance their cyber security measures appropriate to associated risks. The government has confirmed that the Directive will apply irrespective of Brexit.
The Directive calls for measures to minimise the impact of incidents and ensure the continuity of services, as well as specific incident notification requirements, and will be transposed into UK law as The Network and Information Systems Regulations 2018 (NIS Regulations) on 10 May 2018.
IT Governance has developed an infographic that includes essential information for UK organisations seeking NIS Regulation compliance.
Discover which industry sectors are expected to comply, and what steps need to be taken to enhance cyber security measures in line with the Regulation’s requirements.