From October 18, many companies will be obliged to register themselves with the authorities as part of the new NIS2 directive. But what exactly does NIS2 mean and how does it relate to SIEM? In this blog, you will find out what the NIS2 directive requires and what measures need to be implemented. At the end you will find a practical NIS2 directive self-test<\/a> that you can use to check whether your company could be affected by the NIS2 directive<\/p>\n<\/div><\/div><\/div> The NIS2 Directive is intended to improve cyber security in the EU and affects many companies – both directly and indirectly, as the supply chains of the affected sectors must also be protected. Above all, the EU’s strict requirements demand a response time to cyber security incidents that most companies cannot meet without preparation. You can find the directive on the EU website<\/a> here Since July 24, 2024, this EU-wide directive has also been enshrined in German national law. Which aspects of the NIS2 Directive pose the greatest challenges in terms of implementation? In our opinion, they are the following:<\/p>\n<\/div> Reporting obligations: <\/b> Within 72 hours:<\/b> A detailed report is now required. This report should assess the severity of the incident, outline the impact and explain the indicators of compromise.<\/p>\n Within one month:<\/b> A comprehensive final or progress report must be submitted after one month. This report must describe the nature of the threat, the causes and the remedial measures taken. It should also address possible cross-border effects of the incident.<\/p>\n<\/div><\/li> Audits:<\/b><\/p>\n According to the EU’s NIS2 guidelines, companies are obliged to carry out regular audits and assessments of their IT security. The frequency of these audits depends on the company’s risk assessment. Security assessments and reports should be forwarded to the management so that any necessary corrective measures can be initiated quickly if deficiencies are identified.<\/p>\n<\/div><\/li> Sensitization of employees:<\/b><\/p>\n In the past, training courses helped companies to protect themselves against espionage and ransomware attacks. Now such training is mandatory in order to comply with the NIS2 standards. So you are not only protecting yourself from attacks, but also from penalties. Regular training and ongoing support for employees is more important than ever to ensure a high level of security awareness and strengthen resilience against cyber threats. Find out more in our blog on working securely in M365<\/a>.<\/p>\n<\/div><\/li><\/ul> You are only as good as your tools. To meet the demanding requirements, we believe you need a new tool that can handle the load. This is exactly where SIEM comes into play.<\/p>\n<\/div><\/div><\/div><\/div><\/div> SIEM stands for S<\/u><\/b>ecurity I<\/b><\/u>nformation E<\/b><\/u>vent M<\/b><\/u>anagement. E SIEM system provides a comprehensive overview of your company’s IT security. It collects and analyzes security data from various sources such as ERP systems, cloud services and IoT devices (e.g. smart TVs, cameras, etc.). By monitoring login attempts, system changes and other security-related events, the SIEM system detects suspicious behavior. In the event of anomalies, alarms are triggered and detailed logs are created to quickly identify and resolve threats. <\/span><\/p>\n What makes a SIEM system so powerful is its ability to harmonize log files from different sources. As a result, it provides a comprehensive overview of all activities in the network at a glance, even in large and complex IT environments that would otherwise be difficult to analyze.<\/p>\n<\/div><\/div><\/div><\/div><\/div>What is the NIS2 Directive?<\/h1><\/h1><\/div>
\nWithin 24 hours:<\/b> Security incidents or near-incidents must be reported to the authorities within 24 hours. An initial suspicion as to the cause of the incident should also be reported.<\/p>\nWhat is SIEM?<\/h1><\/h1><\/div>
![\"The](\"https:\/\/netxconsult.de\/wp-content\/uploads\/2024\/06\/perfekte-Paar-.png\" "\\"perfekte")
<\/span><\/div>