The EU recently passed the Network and Information Security (NIS) Directive (NISD), requiring critical infrastructure organizations to implement stronger cybersecurity and breach reporting for ICS/SCADA/OT networks.
Why does the EU NIS Directive matter? Industrial organizations that do not meet NISD requirements for critical infrastructure cybersecurity can be fined up to £17 million, or 4% of their global revenue for non-compliant companies in the UK.
Is your critical infrastructure based in the US? Don’t wave NISD off just yet. Many US companies are also affected because they have operations in the EU. In case of a major safety or environmental incident — anywhere in the world — US organizations could be held negligent and financially liable for not adhering to the “minimum standards of due care” defined by NISD.
Is your critical infrastructure organization compliant with the NISD regulations? Be in the know.
Get the executive NISD guide now to get briefed on:
- Organizational and technical requirements
- How to demonstrate compliance with the critical infrastructure protection standards of the EU NIS Directive
- How CyberX addresses key NISD areas including continuous asset and vulnerability management, threat monitoring, and incident response.
Did you know?
While NISD applies to energy, water, healthcare, banking, and digital infrastructure (ISPs, etc.) organizations, other sectors are also leveraging it — including manufacturing, pharmaceuticals, chemicals, and oil & gas — as a best practices framework for improving operational resilience. You can do the compliant and the right thing. Download the guide to learn how.