For Operators of Essential Services (OES), such as within Electricity, Oil, Gas, and Drinking Water, this effectively means that they need to protect the Safety, Reliability and Availability in a good manner. Operators of essential services (OES) are required to demonstrate compliance to these requirements.
This resulted in the following questions:
- Which control framework should be used and how to demonstrate NIS compliance?
- Is your OT organization using ‘state of the art’ security measures?
- Are those measures up to date?
- Are you in control of your OT cyber security organization?
How can Secura help?
Secura does this by offering two types of OT NIS Compliance Assessments:
- NIS Compliance Baseline Review: verifies the design and existence of required organizational security control implementations.
- NIS Compliance Enhanced Assessment: assesses and verifies the existence, working and effectiveness of all security control implementations.
NIS2 will come into effect in October 2024, but Secura can already help you in ensuring compliance to this new legislation. For example, by helping collect the data that will be required to be shared with government bodies, identify what NIS2 rules are applicable specifically to your organization, or by giving cybersecurity training.
Moreover, Secura can provide the forensic services required after a cyber-attack on your organization.
Secura will keep on providing our existing services, such as risk assessment/management and helping in the prevention of cyber-attacks. These are required elements of your cyber security practices after NIS2 comes into effect.