Expo Highlight Trend Micro: NIS2 - More Cybersecurity for Europe

Particular emphasis is placed on the prevention of critical infrastructure failures. The EU member states have until October 17, 2024 to enact it into national law.

The most important changes of NIS2 at a glance:

• Expanding the scope: The total number of sectors grows to 18. Seven new types of critical facilities are added and thresholds are lowered.

• Organizations must be able to assess the risk of a cyberattack across their supply chain.

• Cyber risk management becomes mandatory.

• Mandatory employee training and audits.

• CEOs will be personally liable for any damage caused by failure to comply with their duty to manage cyber risk.

• There are significant penalties for violations.

• Strict reporting requirements apply. The supervisory authority is the BSI.

• The member states set up national CSIRTs (Computer Security Incident Response Teams) to cooperate across the EU.

Although the German implementation of the law is still pending, it is advisable to already familiarize oneself with the requirements and, if necessary, to take first steps. As the requirements of the new guidelines are high, external resources in the form of consultants and service providers could also become scarce in the future. Further information and insights on NIS2 can be found on Trend Micro's website.

You can also attend our talk on the topic at the Smart Country Convention:

Do, 9.11., 11:30am - 12:00pm
AWS Mini Theatre, hub 27, booth 111

Thoughts on NIS2 from the perspective of local municipalities

Since May 1, 2023, KRITIS operators regulated under the BSIG and EnWG have been required to implement "attack detection systems" and provide regular evidence of their use.
As an organization that does not fall under KRITIS, can I sit back and relax in the future, or is their use also relevant for me? How can municipalities assess risk, increase resilience and use the cloud wisely?

Speaker: Robert Mientus, Senior Manager Government Sales at Trend Micro