Read Time, 3 min.

New research: Getting NIS2 ready  

The European wide directive Network and Information Security 2 (NIS2) comes into effect on 17 October, with the aim of strengthening Europe’s ability to collectively defend against cyber-attacks and protect the region’s critical infrastructure. 

This new directive will impact upwards of 180,000 organizations, from healthcare and transport, to manufacturing and supply chain. Most organizations are aware of NIS2 and what it aims to achieve (as well as the costs), but research from IDC has shown that only 14% of organizations are fully ready for NIS2. The majority, at 77%, are partially there. 

 With so few organizations across the NIS2 finish line and the official deadline for compliance fast approaching, I wanted to share some of the findings from this research, and how you can move your organization’s transformation efforts forward. 

NIS2 Capable 

IDC has found that over 90% of organizations impacted by NIS2 are aware of it and have taken first steps in taking action to align with the directive. 

About one in five (17%) are categorized as IDC as being NIS2 ‘capable.’  

 Organizations at this level of readiness have a long way to go however, with the need for many to implement all necessary compliance procedures and policies. 

Let’s take incident handling as an example, which is a key requirement of NIS2. With large organizations often being the target of multiple, complex cyberattacks, the rapid co-ordination of multiple stakeholders and timely reporting of incidents is what allows for quicker response and recovery, as well as minimizing the impact on essential services and the wider economy. Having robust technical protection will clearly help but organizations also need to think through the complete response to a security incident. 

Technologies like Microsoft Defender and Microsoft Sentinel will help security teams handle incidents with a real time, comprehensive view of security issues. But the work on becoming NIS2 ready relies on an organization’s ability to create a fully robust set of compliance procedures and policies that engage the board and wider organization. This is what ensures that everyone is on board with how to respond to a security incident and how to keep the business going with a minimal impact on operations.
 

NIS2 Equipped

The next level of readiness IDC identified was NIS2 ‘equipped.’ About one-third (33%) of organizations fall into this category, and are characterized as being able to address most NIS2 requirements.  

The way to move beyond this level of readiness is to conduct a gap analysis of your security measures, and also what’s needed to meet NIS2 requirements or security standards such as ISO 27001.

Let’s consider supply chain security as an example, which is another key NIS2 requirement. When organizations enhance the security and resilience of their own organizations, cyber-criminals will look for other routes to compromise security via weaknesses in an organization’s supply chain. 

Addressing supply chain vulnerabilities is key to ensuring your own assets remain secure. Microsoft tools like Compliance Monitoring, Security Posture Management and Conditional Access Policies can help you control and manage the external access of organizational assets and customer tenants, but your security will still be dependent on your ability to identify gaps and challenges in your security posture.  

All organizations impacted by NIS2 should be in the process of identifying the challenges they have and develop action plans now.
 

Are you NIS2 ready? 

According to the IDC, organizations at the ready level for NIS2 (14%) exhibit the highest degree of preparedness for incident handling, have business continuity measures in place and deploy robust technology to ensure supply chain security and advanced encryption or cryptography. 

At Microsoft, we stand ready to help organizations of all kinds use  NIS2 as an opportunity to advance their cybersecurity posture. Our unique perspective in the security market and comprehensive suite of secure cloud-based solutions can help you identify, prevent, and mitigate against the cyberthreats we are facing today and in the future.   

Source: IDC Infobrief, Sponsored by Microsoft, NIS2 Readiness: A Guide for Organizations in Europe, #EUR252440224, July 2024 

> Read the IDC report in full 

Join us: Microsoft Discover Hour: Prepare for the new AI and regulatory landscape with Microsoft Purview

Our leading experts will show how Microsoft Purview can help you adopt AI securely, use AI to improve your data compliance, and deploy a data security program successfully. We will also share the findings of the latest IDC research on how prepared the European markets actually are for the NIS2 countdown.

Discover more related articles per industry:

Education

  • Girl studying

    Secondary school Kirchdorf: Reimagining hybrid learning with Surface and Teams

    “What we really wanted to achieve was simplicity for both our students and our educators. Through our digitalization efforts, we’ve seen that using technology to complement traditional teaching and learning is an investment for the future, not just for children, but for everyone.” Martin Schnetzer, teacher and IT admin at Mittelschule Kirchdorf, Austria, reflects on […]

  • a group of people sitting at a table using a laptop computer

    4 reasons Citrix and Windows Virtual Desktop are better together for education

    Educational institutions all over the world experience a huge transformation. We are all familiar with the impact of COVID-19 on digitization in education, but there are more challenges. The digitization challenges faced by educational institutions   Because of the measures against the COVID-19 pandemic, like lockdowns and social distancing, the trend of online or blended […]

Finance & Insurance

Government

Healthcare

Manufacturing

  • Potato producers benefit from sensors (IoT) and AVR’s technological innovations

    Potato producers benefit from sensors (IoT) and AVR’s technological innovations

    In Roeslare (Roulers in French), better known by the name “Potato Valley,” potato producers have a particular fondness for AVR’s machines and technologies, which mean they can plant and harvest potatoes more efficiently. More and more of AVR’s machines are equipped with sensors that are connected to the internet (IoT This technology provides farmers with […]

  • Man with a tattoo pointing at a tablet in a factory

    2020 has shown manufacturers the true value of digital transformation

    At the start of 2020, there were all manner of manufacturing topics to be discussed. And then suddenly, there was only one. It would be difficult to overstate the impact of Covid-19’s disruption on manufacturers. Almost across the board, this industry has seen supply chains breaking, cash ceasing to flow and production lines grinding to […]

Retail

  • man and woman in a store looking at a large touch screen

    The road to business resilience: What it is and why it matters to retailers

    I think most of us are familiar with the saying of “fall seven times – rise up eight”. Not only is it applicable to life itself but also to the perseverance and resilience that the last couple of years has brought to all types businesses around the world. Let’s recap some of the challenges the […]

  • female shopkeeper looking at her work tablet

    Create flexible retail supply chains that are built to last

    In a powerful storm, a tree that does not bend is likely to break. In 2020, the pandemic put storm-like forces on global supply chains – and many of them simply broke. There were shortages of many household items and commercial supplies, with many retailers forced to ration sales of some products.  This showed how […]

Discover more related articles per dossier:

Customer Stories

Digital Transformation

Security & Privacy

Tips

  • Male store associate helping female customer in tech shop

    Creating great experiences for employees and the customers they serve

    Retail is experiencing ongoing labor shortages in the aftermath of the pandemic. Many people have retired early, found new jobs, or have simply decided to leave the labor market. As competition for skilled and experienced staff has become fiercer, attracting talent and retaining staff is crucial for survival and success.  While increasing wages and benefits […]