Learn how to meet the requirements of the EU’s newly strict regulations on cybersecurity for businesses
The European Union will begin enforcing the new regulations embodied in version
2 of its Directive on Security of Network and Information Systems (NIS 2,
for short) on 17 October 2024. Designed to respond to a global cyberthreat
environment that has become significantly more challenging since the 2016
introduction of the original NIS Directive, NIS 2 requires businesses operating
in the EU to meet a broad range of new requirements to improve their cyber
resilience, i.e., their ability to both defend against cyberattacks and recover
quickly when an attack does succeed.
Further, NIS 2 casts its regulatory eye on many more businesses than the
large enterprises that NIS 1 focused on: any business generating at least €10
million in annual turnover per year, and organizations of any size operating in
sectors designated as “essential” (i.e., energy, health care, transportation
and water), or “important” (i.e., manufacturing, food, waste management and
postal services) must now comply.
To help businesses prepare for NIS 2 compliance, Acronis has created a
white paper entitled, “NIS 2 briefing for businesses: What the NIS 2 compliance
standards mean for companies doing business in the European Union (EU).” It
examines the NIS 2 Directive in detail, focusing on the new cyber resilience
requirements that businesses must observe, and providing concrete
recommendations on the steps that business and technology leaders should take
to avoid the hefty new sanctions that NIS 2 levies on noncompliant
organizations. Key topics include:
- A brief history of NIS 1 and NIS 2.
- A summary of NIS 2’s expanded scope and new requirements for cyber resilience.
- Examinations of the roles of artificial intelligence, machine learning and innovation in achieving NIS 2 compliance.
- The importance of defending against ransomware attacks.
- The need for businesses to shift to a more proactive footing in their approach to cyber resilience.
- The strict new incident reporting requirements and non-compliance penalties in NIS 2.