IT Governance, the leader in data protection and information security expertise, is urging organisations supplying essential services to act now in order to meet the requirements of the European Network and Information Security (NIS) Directive, which entered into force in August.
Alan Calder, the founder and chief executive officer of IT Governance, said: “EU member states have 21 months to transpose the Directive into national laws and 6 months to identify operators of essential services. As consumers rely heavily on the safety of these everyday services, organisations operating within these critical sectors will be required to adopt risk management practices and report major incidents in line with the requirements of the NIS Directive.”
The NIS Directive, which aims to help organisations achieve a “high common level of security of network and information systems within the EU”, sets out significant security obligations for organisations that supply essential services and operate in critical sectors such as energy, transport, banking, health or digital services.
European Commission Vice-President Andrus Ansip said: “The Directive on Security of Network and Information Systems is the first comprehensive piece of EU legislation on cybersecurity. The rules adopted today, complemented by the new partnership with the industry on cybersecurity presented yesterday, create the right conditions for people and businesses to use digital tools, networks and services in the EU with confidence.”
The NIS Directive provides EU member states with the legal measures to “boost the overall level of cyber security in the EU” by ensuring cooperation from all other member states, readiness and preparation by requiring organisations to be properly equipped, and a security culture across all sectors vital to the society and economy.
Organisations providing essential services in sectors such as finance, healthcare, energy and digital services can take advantage of IT Governance’s wide-ranging data protection expertise to meet the requirements of the NIS Directive by achieving compliance with the international best-practice information security standard, ISO 27001.
IT Governance’s specialist information security consultants can assist organisations with initial readiness assessments, gap analyses and information security audits.
To find out how ISO 27001
can help your organisation meet the NIS Directive’s requirements
, please visit the website
, contact the consultancy team direct at firstname.lastname@example.org, or call us on +44 (0) 845 070 1750.