The EU Directive on security of network and information systems (NIS Directive) must be transposed into national law by 10 May 2018. The Directive requires operators of essential services (OES) and digital service providers (DSPs) to implement effective security measures appropriate to associated risks, as well as measures for incident response.
The NIS Directive is expected to inspire cyber resilience for essential services that are critical to a nation’s infrastructure, and will be key to developing a new culture of enhanced cyber security across the EU, according to experts.
The official title for the NIS Directive in the UK will be The Network and Information Systems Regulations 2018 (NIS Regulations).
Enhancing your cyber resilience
A robust cyber resilience programme takes a comprehensive approach, with measures covering information security, incident response and business continuity, and is an excellent way to ensure compliance with the NIS Regulations.
NIS Regulations compliance guide
Our compliance guide to the NIS Regulations provides essential information and guidance for UK organisations that need to comply with their requirements. Our guidance is in line with the approaches of the UK government and National Cyber Security Centre (NCSC).
- The Directive’s requirements and how the UK government is implementing them into national law;
- Which organisations are in scope of the NIS Regulations;
- Our tiered approach to developing cyber resilience;
- Guidance on combining your NIS Regulations and GDPR compliance projects; and
- How international standards can help you achieve compliance more effectively.