NIS Directive/Regulations

NIS DIRECTIVE

What is NIS Directive and NIS Regulations (2018) ?

The EU NIS Directive became UK law as the Network and Information Systems Regulations (2018). It is a security regulation designed to protect network and information systems in our critical infrastructure. In the UK, non compliant organisations can be fined up to £17m.

Who does NIS Directive apply to?

Operators of Essential Services (OES) and Digital Service Providers (DSPs) operating and offering service to EU persons need to be aware of the Directive on Information and information systems. This includes, water, energy health, transport, digital infrastructure.

 

Security Duties of OES and DSPs

  • Take appropriate and proportionate technical and organisational measures to manage risks posed to the security of the network and information systems on which their essential service relies.
  • Take appropriate and proportionate measures to prevent and minimise the impact of incidents affecting the security of the network and information systems used for the provision of an essential service, with a view to ensuring the continuity of those services.
  • Measure taken must take into account the latest state of the art, ensure a level of security of network and information systems appropriate to the risk posed.
  • Must use guidance issued by the competent authorities when carrying these measures out
  • An OES must also notify the competent authority in the event of any security incident that has a significant impact on the continuity of their service without undue delay (no later than 72 hours)

Advent IM and NIS Directive and Regulations

We offer scalable guidance and consultancy for OEMs and DSPs. With many years' experience working across critical infrastructure and government, we can offer assurance and support for those organisations impacted.

We also offer training for staff tasked with implementation and ongoing compliance to NIS regulations. Click for training.

For a confidential conversation on how it could work for your organisation - call Gareth Williams on 0121 559 6699 or email bestpractice@advent-im.co.uk

Advent IM, cyber essentials
Advent IM, G-Cloud, Crown Commercial Supplier, Cyber Security services,
Advent IM ISO27001 certification, ISO 27001, information security, cyber security,
Advent IM ISO9001

We pride ourselves on putting our clients first...

...our approach is both consultative and facilitative and each solution is bespoke to your business needs and drivers.
Find out more...