Ready for NIS2? – Lantero’s quick analysis
Published: October 8, 2024
The new EU regulations (NIS2) regarding security and preparedness in critical sectors will directly or indirectly affect most parts of society. For individual companies or organizations, it is important to determine if they are affected by the regulations – although a more reasonable question is probably how they are affected by NIS2.
How the EU directive will be implemented in national legislation is still unclear, but with the overall guidelines of the directive and the expressed intentions, it is becoming quite clear how companies or organizations should approach and prepare for the new legislation.
To assist in the initial assessment, Lantero provides short, overview analyses. In a 15-minute meeting, we go over whether you are clearly and directly affected by the regulations or if you are potentially or indirectly impacted. The goal of the meeting is to better understand how to approach the regulations so that you can take control of the process and allocate resources where they are most effective.
Whether you view NIS2 as a compliance issue, a matter of security, or from a commercial perspective linked to customer demands, there is a reason to understand the regulations and have a clear strategy. Taking control of the issue reduces dependency on external consultants and ensures that actions are taken in the right order.
Priorities can vary significantly depending on whether you take a compliance perspective or a security perspective, for example. But regardless of perspective, you need to understand where your organization stands in relation to various risks associated with network and information systems. And regardless of priorities, questions about everything from strategies and operational continuity to cryptography, personnel security, or incident management must be considered.
Even organizations with a high level of security awareness have reason to review the whole picture and assess to what extent they are working in line with best practices or have made informed decisions based on actual circumstances. The first step is knowing in what way you are affected by the regulations.