Industry sceptical of new NIS directive passed today
European member states face a new set of cyber-security rules following a vote in the European Parliament’s Internal Markets Committee.
The Network and Information Security Directive has been passed by the European Parliament’s Internal Markets Committee. Designed to be the first set of EU-wide cyber-security rules, it has so far had a lukewarm reception from industry.
The directive lists critical sectors – energy, transport, banking and health – where companies will need to ensure that they are able to resist cyber-attacks.
These areas were identified using specific criteria: whether the service is critical for society and the economy, whether it depends on network and information systems, and whether an incident could have significant disruptive effects on its provision or on public safety. The directive requires the companies providing these services to have security measures in place to detect and manage cyber-security risks.
The way to do this is to implement an Information Security Management System (ISMS) compliant with ISO 27001. Even if you don’t wish to go down the certification route, which many of ESID Consulting’s clients don’t, you can still comply with the international standards framework and make your business as secure as it can be.
The critics may moan about the directive not being “specific” enough, but it’s a much-needed step in the right direction and at least it’s a start!
ESID Consulting will assess your business risks and provide the help and support to counter any issues found. Call us now on 0844 3582362 or email us at firstname.lastname@example.org