This eBook examines the impact that the updated European Network and Information Security Directive (NIS2) will have on organisations (or entities, as they are referred to in the Directive). The eBook starts with a brief categorisation of the NIS2 Directive within the larger framework of the European Cybersecurity Strategy. Chapter 2 discusses the practical limitations that many organisations will face when implementing the requirements in operational technology (OT). In particular, it looks at the residual risk this creates. Chapter 3 explains how these limitations can be overcome and how the residual risk of the real ability to act can be brought under control. Finally, Andreas Könen from the BMI provides tips on the steps companies should take.
The implementation of NIS2 poses some serious challenges for companies:
A single unknown component or insecure system in the OT is enough to jeopardise the overall security of the OT.
The top priorities for companies when implementing NIS2 therefore include:
Rhebo supports critical infrastructure and industrial companies throughout the entire journey to end-to-end OT cyber security in accordance with NIS2:
Vulnerability assessment and risk analysis of existing OT networks.
Integration of a network intrusion detection system in OT with continuous OT monitoring, real-time anomaly detection and SIEM integration.
Optional support services for operating the intrusion detection system with on-the-job training for the companies.