NIS2 Cybersecurity directive
Requirements for Latvian companies
For equal security of IT networks and information systems throughout the European Union, the European Parliament created the NIS2 directive (Directive on security of network and information systems), which defines a list of industries that must comply with mandatory requirements and security standards regarding critical and digital infrastructure and their related services.
EU support funds and programs are available to reduce the costs of implementing the directive's requirements
Sectors to comply with the NIS2 directive
Essential entity:
ENERGY electricity, oil, gas, heat
HEALTH institutions, laboratories, pharmacy
TRANSPORT
FINANCE
WATER SUPPLY
DIGITAL INFRASTRUCTURE
INTERNET SERVICE PROVIDERS
* Regardless of the number of employees and turnover
Important entity:
POSTAL SERVICES
WASTE processing and management
FOOD production, processing and distribution
MANUFACTURING technologies and engineering, electronics
CHEMICALS production, processing and distribution
RESEARCH
* The full list of entities is defined in the National Cyber Security Act
* >50 employees or >10 million turnover
NIS2 requirements come into force in October 2024!
What should pay attention to?
review your organization's IT security processes
provide an additional budget for the improvement of cybersecurity measures
provide for additional human resources
provide time for employee training
develop the necessary documentation for submission to the supervisory authority (The Constitution Protection Bureau or National Cybersecurity Center)
* Organizations that do not implement cyber security measures in accordance with the requirements face fines of up to 10 million EUR or 2% of the total annual turnover, direct responsibility of management and IT managers
OptiСom provides the processes and services needed to meet NIS2 requirements:
• Cybersecurity audit
• Penetration tests
• Vulnerability scanning
• Checking websites
• Performance tests
• Phishing tests
• Penetration tests
• Vulnerability scanning
• Checking websites
• Performance tests
• Phishing tests
• Internet Security Training
• Continuous monitoring of events in systems (SIEM*)
• Identification, analysis and response to suspicious events
• Checking the level of security by periodically conducting test attacks
• Incident investigation and attack prevention
• Response according to SLA (Service Level Agreement)
• Provision of cybersecurity specialists with 9/5 or 24/7 monitoring
* SIEM technology provides real-time analysis of security events (alarms generated by network devices and applications) and allows you to respond to them before significant damage is done.
• Identification, analysis and response to suspicious events
• Checking the level of security by periodically conducting test attacks
• Incident investigation and attack prevention
• Response according to SLA (Service Level Agreement)
• Provision of cybersecurity specialists with 9/5 or 24/7 monitoring
* SIEM technology provides real-time analysis of security events (alarms generated by network devices and applications) and allows you to respond to them before significant damage is done.
• Firewalls and intrusion detection/prevention systems (IDS/IPS)
• Anti-virus and anti-malware solutions
• Security Information and Event Management (SIEM) systems
• Encryption tools
• Access control and identity management
• Systems for managing updates
• Incident response tools
• Backup and disaster recovery solutions
• Compliance and management tools
• Employee training and awareness-raising programs
• Secure configuration tools
• Secure communication tools
• Mobile Device Management (MDM) solutions
• Anti-virus and anti-malware solutions
• Security Information and Event Management (SIEM) systems
• Encryption tools
• Access control and identity management
• Systems for managing updates
• Incident response tools
• Backup and disaster recovery solutions
• Compliance and management tools
• Employee training and awareness-raising programs
• Secure configuration tools
• Secure communication tools
• Mobile Device Management (MDM) solutions
Apply for a consultation and get professional recommendations
+371 67 331 878 This email address is being protected from spambots. You need JavaScript enabled to view it.