RESOURCES
As we mentioned in a previous blog, countries around the world, and predominantly US, UK and EU have been tightening their cyber security regulations to combat ever increasing and sophisticated cyber-attacks targeting critical infrastructures, businesses, and digital service providers. In this endeavour, EU updated its NIS directive, which was initially released in 2016, on 16th January 2023 as NIS2. Member states now need to transpose its measures into national law until 17 October 2024.
The NIS2 Directive is a significant component of cybersecurity legislation. The European Union introduced the Directive to improve the cybersecurity of critical infrastructure systems within its member states and to ensure that digital service providers and operators of essential services have adequate security measures in place to secure their networks and data.
In Sweden, the NIS2 Directive is implemented via the Information Security Law (Sakerhetsskyddslagen). The NIS2 Directive mandates that Essential Entities (EE) and Important Entities (IE) have cyber security procedures, including risk assessments, incident management, and security testing. In addition, businesses must have adequate policies and procedures in place to ensure a rapid, effective response to cybersecurity issues including corporate accountability and timely reporting of incidents.
These overarching requirements can be expanded upon at a more technical level to address certain types of cyber threats more specifically like the use of multi-factor authentication, the use of encryption, and cyber security testing or secure development practices etc.
Essential Entities (EE) and Important Entities (IE) include a wide range of organisations that can be digital service providers or operators of critical infrastructure. Businesses that provide online markets, cloud computing services are digital service providers. Operators of critical national infrastructure include providers of energy, transportation, healthcare, potable water, and digital infrastructure.
Digital service providers and operators of essential services are required by the NIS2 Directive to maintain an adequate level of cybersecurity. This necessitates that firms implement stringent security measures to safeguard their networks and data from cyber-attacks. The NIS2 mandate also requires enterprises to report cybersecurity issues, which is a crucial element. If an organisation has a severe cyber security event, they must disclose it to the appropriate authorities within 24 hours. Significant penalties may be imposed for failing to report an incident.
The Swedish Post and Telecom Authority (PTS) is responsible for ensuring NIS2 Directive compliance. The authority has the jurisdiction to investigate businesses that do not comply with legal requirements and, if necessary, to impose fines and other penalties.
Noncompliance with the NIS2 Directive may result in severe penalties. Companies that lack adequate security measures or neglect to report cybersecurity events are subject to fines of up to 10 million Swedish Krona or 2% of the global annual turnover. Repeat offenders may be subject to greater fines and possible legal action. Additionally in some extreme cases managers can face temporary bans from holding similar positions.
In conclusion, the NIS2 Directive mandates the use of a variety of risk management practises to maintain the security and resilience of critical infrastructure systems. Organisations can protect their networks and data from cyber threats and contribute to the overall cyber security of critical infrastructure systems by identifying their assets, conducting risk assessments, implementing appropriate security measures, and developing incident management procedures along with business continuity plans.
The real call to action here is to ensure that your organisation is equipped to defend against evolving cyber risks and be able to conform to the numerous regulatory and Government compliance requirements, it is paramount that your board and senior leadership teams assist in defining or enhancing your cyber security strategy. This will provide the appropriate level of focus and impetus enabling your organisation to adapt and evolve with the emerging threat landscape and improve your overall security posture.
Organisations affected by the NIS2 Directive often struggle with the complexities of defining the processes and procedures or deploying the technologies to comply with the requirements. In some cases, organisation simply do not have the time, budget or resource to lay the groundwork. For these organisations we have put together a simple step by step outline of how to get started, for more detailed assistance please contact the Cynode team.
REFERENCES:
European Union Cybersecurity Agency (ENISA). (2020). Directive on Network and Information Systems (NIS). Taken from https://www.enisa.europa.eu/topics/nis-directive
Post and Telecom Authority of Sweden (PTS) (2020). Directive NIS. Obtainable at https://www.pts.se/en/industry/cybersecurity/nis-directive
Post and Telecom Authority of Sweden (PTS) (2020). Information Security Act (Information Security Act) Taken from https://www.pts.se/en/industry/cybersecurity/information-security-law/
https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32022L2555&from=EN
-
Regular EDR Policy Tuning
The cyber security world has recently focused on EDR technology due to its significant impact across industries. This post explores the evolution from early antivirus software to EDR platforms. Key milestones include the introduction of commercial antivirus software in 1987, the emergence of heuristic and behavioural detection methods in the early 2000s, and the development of Next-Gen Antivirus (NGAV) in 2010. EDR solutions, emerging around 2013, are crucial for detecting, investigating, and mitigating security threats but require regular policy updates and meticulous tuning for optimal performance.
-
Mastering Log Management: Enhancing SIEM and SOC Efficacy
Efficient log management is critical for SIEM and SOC efficacy. Challenges include log agent malfunctions, configuration errors, and network issues. This blog explores four log problem categories, from detection failures to incomplete logs, and introduces innovative solutions for proactive threat detection and response. Learn how Cynode's integrated threat simulation and log validation processes ensure optimal log coverage and enhanced security monitoring. Stay ahead of cyber threats with robust log management practices.
-
Understanding WebApp Exposure
WebApp Exposure Monitoring involves regular assessments and updates to perimeter defence platforms like WAF policies, ensuring alignment with the latest threat intelligence. Having a proactive stance to WebApp attacks is crucial as cyber threats incredibly fast, often outpacing traditional security defences. The process of continuously monitoring web applications allows organisations to more readily detect anomalies and respond to threats in real-time, minimising the risk of data breaches and other cyber incidents.
-
Introduction to Managed Security Service Providers (MSSPs)
Businesses increasingly struggle with cyber security management, especially with limited resources. Managed Security Service Providers (MSSPs) like Cynode offer comprehensive, efficient solutions, managing everything from security infrastructure to incident response, often using cloud services for cost efficiency. This article explores the benefits and services MSSPs provide, underscoring their importance in modern cyber security strategies.
-
Improving SIEM Efficacy as the Market Evolves
As the SIEM market evolves with new mergers and partnerships, Cynode supports practitioners to ensure no security event is missed, offering comprehensive services from threat-centric log and rule validation to complete SIEM management.
-
Welcome Konrad Falk as Our New Senior Cyber Advisor & Architect!
Konrad brings extensive experience in Cyber Security and IT, with a background in programming, networking, and security. Passionate about securing companies and educating others, he values the trust of our leadership and is eager to manage security incidents and tackle evolving threats hands-on.
-
“Trust me, I was an engineer” – Björn Nilsson
We are pleased to announce Björn Nilsson as the new Head of Security Operations Sweden at Cynode. His extensive experience in cyber security and IT infrastructure marks a significant milestone in enhancing our capabilities. Björn brings a wealth of expertise from various critical roles within the industry.
-
Cynode Boosts Team with Gustav Bivstedt's Technical Expertise
Cynode hires Gustav Bivstedt as a Cyber Advisor to enhance our Cyber Advisory and Assurance Services. His expertise strengthens our technical capacity and supports business growth, including new offerings in security testing, cyber maturity assessments, and proactive risk management with Cyber Threat Intelligence.
-
Meet our "VP of Product" Cumhur Hatipoglu
As Cynode’s CMO, I am constantly impressed by our team's innovation and engagement. Cumhur Hatipoglu, our new VP of Product, enhances our mission to innovate in cyber security and MDR services. His approach integrates NIST CSF and best security practices to ensure our solutions meet clients' evolving needs.
-
Hacking and Cyber Warfare Go Hand in Hand
Sweden, amidst its NATO application and tensions with Russia and Turkey, has experienced a rise in political cyber-attacks. Groups such as Anonymous have targeted governmental infrastructures, leading to data leaks. Escalation of cyber-crime and nation-state backed cyber warfare necessitates global enhancement of defense measures.
-
Rise of Cyber Due Diligence in M&A Processes
Sweden's post-pandemic economic recovery has spurred M&As. Cynode emphasises integrating cyber due diligence to address vulnerabilities, protect essential information, and optimise security spending, enhancing the security posture before, during and after M&As.