The Network and Information Security (NIS) Directive and General Data Protection Regulation (GDPR) require businesses in the EU to have regard to ‘state-of-the-art’ cyber security when adopting appropriate protection against cyber-attacks. For NIS, companies providing what the law describes as essential or digital services will be affected by these changes. All companies processing personal data of EU residents must comply with GDPR.
The NIS Directive introduces the concept of “state of the art” when it comes to security to ensure that the legislation will never become out-dated. Focused purely on security, it requires all organisations “have regard to” and “take into account” state of the art technologies for their cyber security. They must invest to protect essential services that depend on network and information systems for NIS and data protection for GDPR.
NIS requires organisations to create and maintain an adaptive, user-centric, layered security model approach based on the principles of being able to:
Being compliant under NIS
You are required to have ‘state of the art‘ security solutions and technology partners that allow your organisation to predict and prevent attacks, detect a potentially dangerous presence in your networks, respond quickly to that threat, and have the ability to analyse and report on the health of your networks in real time.
You need to know what your company’s position is on ‘state-of-the-art’ and invest in security technologies that carefully consider identity, privacy, data protection, mobility and cyber threats in the security management platform. You should already be having the discussions on what ‘state-of-the-art’ means to your business. And will need to defend its use — or lack of use – in any post-breach investigation.
Palo Alto Networks joined forces with the IDC to research how European companies perceive ‘state-of-the-art’ cyber security technologies. Put simply, it found that many don’t fully understand the concept and aren’t sure how to measure or review it. Despite this, Gartner found that by 2020, 60% of digital businesses will suffer major service failures due to the inability of IT security teams to manage digital risk.
With a continued rise in cybercrime, this legislation is a great opportunity for the business to work together to re-build and update their security capabilities to mitigate against cyber risks. Hardware.com partners with companies that offer state-of-the-art security technologies. And our engineers are highly experienced in using innovative security products. For an informal discussion about how NIS will affect your security requirements please call us on 01285 771660.