×

Irish Information Security Forum

NIS2 Quick Reference Guide

 

The Network and Information Security Directive 2 (NIS2) is a significant legislative measure by the European Union aimed at enhancing cybersecurity across its member states. Building on the original NIS Directive introduced in 2016, NIS2 addresses the evolving landscape of cyber threats and the need for more robust security measures.

 

 Key Objectives and Features

 

  • Enhanced Security Requirements: NIS2 introduces stricter security requirements for a broader range of sectors and entities, including critical infrastructure such as energy, transport, health, and digital services. This expansion ensures that more organizations adopt comprehensive cybersecurity practices¹.
  • Supply Chain Security: Recognizing the interconnected nature of modern digital ecosystems, NIS2 places a strong emphasis on securing supply chains. This includes measures to ensure that third-party suppliers and service providers adhere to stringent cybersecurity standards².
  • Streamlined Reporting Obligations: The directive aims to simplify and harmonize reporting obligations across the EU. Organizations are required to report significant cyber incidents to national authorities promptly, facilitating a coordinated response to cyber threats².
  • Stricter Enforcement and Sanctions: NIS2 introduces more stringent supervisory measures and harmonized sanctions for non-compliance. This ensures that all member states enforce the directive consistently, creating a level playing field and enhancing overall cybersecurity resilience¹.

 

Implementation Timeline

 

NIS2 came into force on January 16, 2023. Member states have until October 17, 2024, to transpose its measures into national law¹. This period allows countries to align their national regulations with the directive's requirements, ensuring a cohesive approach to cybersecurity across the EU. 

 

Ireland continues to work through the transposition requirements of the Directive, for its due date of 17 October 2024. The General Scheme for the National Cyber Security Bill 2024 (the NCS Bill), which provides the general scheme of the legislation that will incorporate NIS2 into national Irish law, was published on 30 August. However, it still needs to be put before the Oireachtas, the Irish parliament, and is subject further review and change.

 

The National Cyber Security Centre (NCSC) in Ireland has been designated as the competent authority for certain entities, while the Cyber Crisis Management Authority and the Computer Security Incident Response Team will also be performed by, or sit within, the NCSC, under the NCS Bill.

 

The NCSC has said that it is “committed to engaging with its constituents and stakeholders to ensure that NIS2 requirements are communicated ahead of time, and where possible, provide suitable advice and guidance on implementation”.

 

Businesses which might be impacted by NIS2 should start to look at the content of the NCS Bill itself, as 17 October is fast approaching.”

 

 

Download Quick Reference Guide issued by NCSC

NIS2 Quick Reference Guide cover

 

 


References
(1) The NIS2 Directive: A high common level of cybersecurity in the EU. https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI%282021%29689333.
(2) The NIS2 Directive - European Parliament. https://www.europarl.europa.eu/RegData/etudes/BRIE/2021/689333/EPRS_BRI%282021%29689333_EN.pdf.
(3) What is NIS2? An easy-to-understand guide - Advisera. https://advisera.com/articles/what-is-nis2/.
(4) Directive on measures for a high common level of cybersecurity across .... https://digital-strategy.ec.europa.eu/en/policies/nis2-directive.
(5) Navigating NIS2 requirements with Microsoft Security solutions. https://www.microsoft.com/en-us/security/blog/2024/02/20/navigating-nis2-requirements-with-microsoft-security-solutions/.

(6) NIS2. https://www.ncsc.gov.ie/pdfs/NCSC_NIS2_Guide.pdf

IISF Logo

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

 


Forum SPONSORS 

Invitations for Annual Sponsorship of IISF has now reopened.

Sponsorship of IISF Opportunity
(your logo & profile link here)

 

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

 

secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy  - Sponsorship  - Cybersecurity News Index  - Cybersecurity Resources  - X  - Produced by
LinkedIn Twitter