Strict rules, severe sanctions!

NIS 2 compliance - be prepared in time

The NIS 2 Directive is a European Union regulation aimed at increasing cyber security and reducing the threat to priority sectors. The deadline for compliance with the regulation is 18 October 2024.

Our Cybersecurity team at United Consult will help your organization in the entire preparation process, from the security assessment to the design, implementation and operation of the processes, policies and tooling needed for the appropriate level of certification of your organization.

Prevent administrative fines of up to several million euros, contact our cybersecurity experts.

Which sectors are affected by the NIS 2 Directive?

The scope of the directive includes actors in risk and critical sectors.

Critical sectors: energy, transport, healthcare, drinking water, waste water, communication service, digital infrastructure, outsourced ICT services, space-based service.

Risk sectors: postal and courier services, food production, processing and distribution, waste management, production and distribution of chemicals, production, digital service providers, research.

What are the cybersecurity requirements for NIS 2?

The NIS2 directive and its member-state (i.e. Hungarian) legislative implementation stipulate that organizations falling under its scope must meet certain cyber security requirements.

These requirements are detailed in the law 2023/XXIII., the essence of which is the application of risk management and the creation of risk-proportionate protection. The main points of the requirements are risk analysis and management; detection of, reaction to and appropriate reporting of cyber security incidents; access management; use of encryption; and ensuring the continuity of business processes during and after cyber security incidents.

What sanctions can you expect if you do not comply with the NIS 2 directive?

Deadline:

18 October 2024

Organizations that do not comply with the NIS2 directive and its national (Hungarian) legal interpretation must expect the following consequences:

  • Warning
  • Correcting deficiencies revealed during the audit
  • Financial penalty up to €10,000,000 or 2% of the total worldwide annual turnover of the preceding financial year, whichever is higher
  • Informing the organization’s customers about non-compliance with the requirements
  • Prohibition from activities affected by the lack of security in the given area

Important deadlines:

30 June 2024 – Registration of organizations
18 October 2024 – Deadline for compliance with the requirements

Our Services

Our team at United Consult helps your organization in the entire preparation process, from the security assessment to the design, implementation and operation of the processes, policies and tooling needed for the appropriate level of certification of your organization. Our thorough preparation process and the expertise of our staff ensure your organization’s NIS2 compliance.

An organisation faces many cyber security tasks and challenges in its lifetime. With the following services, we strive to support our customers in facing the challenges of NIS 2 compliance at a high level:

Certifications

Preparation process in 6 steps

1st step
Security Posture Assessment (SPA)

During the assessment, we examine the domains relevant to the NIS2 directive, so that both you and our team can learn about the organization's current cyber security maturity.

2nd step
Certification level requirements

Based on the assessment, we adjust the individual explored areas to the organization's certification level and determine which requirements must be fulfilled for NIS2 certification.

3rd step
GAP analysis

During the analysis, we assess the gaps between the current security maturity and the requirements for the appropriate certification level of your organization, which forms the basis of a transparent action plan.

4th step
Roadmap creation

We prepare a roadmap and project proposal for the gaps revealed, which includes a list of the domains that need further development. The roadmap contains a set of logical and sequential steps of the implementation.

5th step
Implementation

Our team at United Consult prepares the necessary policies based on the roadmap, helps your organization in the development of required processes as a strategic partner, and designs, implements and operates the architecture of the required security tooling.

6th step
Ready for certification!

At the end of the process, your organization is completely ready to have its relevant certification level audited by the authorized body.

Have questions?

Our team is ready to assist you!

Call us!

Csilla Deák-Nagy

Sales Development Manager

You can contact us quickly and directly with any questions you may have.

E-mail us!

After sending the form, we will contact you.

Who are we?

We are United Consult!

More than 20 years ago, the dream of a small group of 16 friends came true with our first successful project. Today, with 300+ senior professionals, we support our partners in the introduction of products and services, including development, implementation and testing. We cover a wide range of IT services and lead in supporting processes across various fields, e.g. big data, cybersecurity, software development and development with DWH.

Having concluded a number of Hungarian and international projects, we are aware of the demands that enterprises of various sizes and profiles might have. Thus our consultant colleagues are always able to recommend solutions that fit the requirements of the project.

United Consult Zrt. © 2024 All rights reserved

Fill out the form and we will send you the link to the presentation right away!