Read Time, 3 min.

New research: Getting NIS2 ready  

The European wide directive Network and Information Security 2 (NIS2) comes into effect on 17 October, with the aim of strengthening Europe’s ability to collectively defend against cyber-attacks and protect the region’s critical infrastructure. 

This new directive will impact upwards of 180,000 organizations, from healthcare and transport, to manufacturing and supply chain. Most organizations are aware of NIS2 and what it aims to achieve (as well as the costs), but research from IDC has shown that only 14% of organizations are fully ready for NIS2. The majority, at 77%, are partially there. 

 With so few organizations across the NIS2 finish line and the official deadline for compliance fast approaching, I wanted to share some of the findings from this research, and how you can move your organization’s transformation efforts forward. 

NIS2 Capable 

IDC has found that over 90% of organizations impacted by NIS2 are aware of it and have taken first steps in taking action to align with the directive. 

About one in five (17%) are categorized as IDC as being NIS2 ‘capable.’  

 Organizations at this level of readiness have a long way to go however, with the need for many to implement all necessary compliance procedures and policies. 

Let’s take incident handling as an example, which is a key requirement of NIS2. With large organizations often being the target of multiple, complex cyberattacks, the rapid co-ordination of multiple stakeholders and timely reporting of incidents is what allows for quicker response and recovery, as well as minimizing the impact on essential services and the wider economy. Having robust technical protection will clearly help but organizations also need to think through the complete response to a security incident. 

Technologies like Microsoft Defender and Microsoft Sentinel will help security teams handle incidents with a real time, comprehensive view of security issues. But the work on becoming NIS2 ready relies on an organization’s ability to create a fully robust set of compliance procedures and policies that engage the board and wider organization. This is what ensures that everyone is on board with how to respond to a security incident and how to keep the business going with a minimal impact on operations.
 

NIS2 Equipped

The next level of readiness IDC identified was NIS2 ‘equipped.’ About one-third (33%) of organizations fall into this category, and are characterized as being able to address most NIS2 requirements.  

The way to move beyond this level of readiness is to conduct a gap analysis of your security measures, and also what’s needed to meet NIS2 requirements or security standards such as ISO 27001.

Let’s consider supply chain security as an example, which is another key NIS2 requirement. When organizations enhance the security and resilience of their own organizations, cyber-criminals will look for other routes to compromise security via weaknesses in an organization’s supply chain. 

Addressing supply chain vulnerabilities is key to ensuring your own assets remain secure. Microsoft tools like Compliance Monitoring, Security Posture Management and Conditional Access Policies can help you control and manage the external access of organizational assets and customer tenants, but your security will still be dependent on your ability to identify gaps and challenges in your security posture.  

All organizations impacted by NIS2 should be in the process of identifying the challenges they have and develop action plans now.
 

Are you NIS2 ready? 

According to the IDC, organizations at the ready level for NIS2 (14%) exhibit the highest degree of preparedness for incident handling, have business continuity measures in place and deploy robust technology to ensure supply chain security and advanced encryption or cryptography. 

At Microsoft, we stand ready to help organizations of all kinds use  NIS2 as an opportunity to advance their cybersecurity posture. Our unique perspective in the security market and comprehensive suite of secure cloud-based solutions can help you identify, prevent, and mitigate against the cyberthreats we are facing today and in the future.   

Source: IDC Infobrief, Sponsored by Microsoft, NIS2 Readiness: A Guide for Organizations in Europe, #EUR252440224, July 2024 

> Read the IDC report in full 

Join us: Microsoft Discover Hour: Prepare for the new AI and regulatory landscape with Microsoft Purview

Our leading experts will show how Microsoft Purview can help you adopt AI securely, use AI to improve your data compliance, and deploy a data security program successfully. We will also share the findings of the latest IDC research on how prepared the European markets actually are for the NIS2 countdown.

Discover more related articles per industry:

Education

  • Girl studying

    Secondary school Kirchdorf: Reimagining hybrid learning with Surface and Teams

    “What we really wanted to achieve was simplicity for both our students and our educators. Through our digitalization efforts, we’ve seen that using technology to complement traditional teaching and learning is an investment for the future, not just for children, but for everyone.” Martin Schnetzer, teacher and IT admin at Mittelschule Kirchdorf, Austria, reflects on […]

  • a group of people sitting at a table using a laptop computer

    4 reasons Citrix and Windows Virtual Desktop are better together for education

    Educational institutions all over the world experience a huge transformation. We are all familiar with the impact of COVID-19 on digitization in education, but there are more challenges. The digitization challenges faced by educational institutions   Because of the measures against the COVID-19 pandemic, like lockdowns and social distancing, the trend of online or blended […]

Finance & Insurance

Government

Healthcare

Manufacturing

  • A photo of trees

    Future society: The utility company turning up the heat with AI

    One Swedish utility company is undergoing a journey in energy innovation―empowered by dynamic collaborations and AI technology. Frosty commutes from work in wintery Nordic cities are endured knowing that a toasty home awaits. Keeping city energy consumption steadily regulated is key, not just for an economical and warm home for residents, but to minimise environmental […]

  • A Maersk container

    Maersk and Onomondo: a partnership that’s making all the right IoT connections

    “I suppose you could say we were dating at first,” says Michael Karlsen, CEO and co-founder of Onomondo, as he recalls his company’s first meeting with Danish shipping behemoth A.P. Moller – Maersk in February 2019. He admits that the two companies were an unlikely corporate couple: the small, Copenhagen-based start-up IoT operator Onomondo with less than 20 employees, and the massive, 79,900-strong Maersk with its global fleet of over 700 vessels and 3.5 million containers.   The match was made by the Danish Energy Authority. “They knew we were very interested […]

Retail

  • a person standing in a room

    Delivering seamless commerce with a complete omnichannel solution

    With retail moving beyond a transactional model, customers are looking for retail experiences that meet or exceed their growing expectations. Retailers are tasked with better understanding customer needs and preferences in order to create personalized and friction-free shopping experiences. This is only possible by removing the barriers between traditionally isolated channels, like e-commerce and physical […]

  • female shopkeeper looking at her work tablet

    Create flexible retail supply chains that are built to last

    In a powerful storm, a tree that does not bend is likely to break. In 2020, the pandemic put storm-like forces on global supply chains – and many of them simply broke. There were shortages of many household items and commercial supplies, with many retailers forced to ration sales of some products.  This showed how […]

Discover more related articles per dossier:

Customer Stories

Digital Transformation

  • Asian woman looking at a tablet

    Microsoft Cloud for Retail: Connect your customers, people, and data

    Retailers have experienced times of tremendous uncertainty. It’s time to lean into change and thrive by becoming a resilient retailer that drives sustainable profitability and growth. We work closely with our partner ecosystem to offer proven solutions that help retailers in 4 key areas to become resilient and experience sustainable success:  Maximize the value of […]

Security & Privacy

Tips

  • Group of two female and one male office workers brainstorming in informal office setting. Both women are using laptops while the man is writing. Large screen shown in background.

    2019 Modern Selling Trends in 5 webinars

    The relationship between buyers and sellers grows more complicated each day. Every potential partnership requires finding the right buyer, fully understanding their business, tracking progress through the buying cycle, and engaging them with the right content—when and how they want it. These shifting dynamics underscore the artistry of modern selling. When the time is right, […]