Klaus Kilvinger of Opexa Advisory eases fears of NIS2 overregulation and implementation fatigue. He argues that the basics already exist in many companies, and that dealing with cyber risks is just another pillar of the regular risk management that management has always been responsible for.
Keywords: NIS2, ISO 27001, TISAX, registration, checklist, liability risk, common sense
Sound Bites
Klaus Kilvinger: NIS2 is sensible because it’s risk-oriented.
Klaus Kilvinger: Management shocked by the regulation should ask themselves what exactly they are shocked by.
Klaus Mochalski: NIS2 brings nothing really new for management. They have been responsible for mitigating risks for their company for ages.
Klaus Mochalski: Multi-factor authentication is like the safety belt in cars. It’s sensible to use.
Klaus Kilvinger: There is no need for management to panic; they don’t have to become IT gurus to be qualified for implementing NIS2. The basic knowledge can be learned in 4 hours.
Klaus Kilvinger: NIS2 implementation can be easily based on existing management systems. It’s recycling, recycling, recycling.
Chapters
00:00 Introduction
00:45 NIS2 basics: Who is affected? When to start?
04:00 Is NIS2 over-regulating?
07:40 Secondary activity, reporting obligations, liability risk
09:55 Why NIS2 is simple common sense
12:30 What’s new regarding management liability risk?
16:30 Tools and steps for newbies
19:10 A quick introduction to NIS2 elements
21:33 The first 2 or 3 steps to implement NIS2
24:39 Don’t re-invent the wheel
Another podcast with Klaus Kilvinger on ISO 27001 can be found in our podcast library.