A woman working with a tablet

One year to go: Preparing for NIS2 isn’t a compliance exercise – it’s a business opportunity

Mike Hughes

Mike Hughes

Business Group Director, Security at Microsoft Western Europe

Read Time, 3 min.

I recently read an insight from IDC that suggests addressing cybersecurity threats is the top board priority worldwide. Further, CEOs of large firms say security is their most important expenditure.

It was interesting to see the international consensus here. Certainly, in my work with Microsoft’s customers in Western Europe, I know cybersecurity is very much top of mind among the c-suite and IT leaders alike.

As of 2022 Europe faces a shortage of around 500,000 skilled cybersecurity professionals (up from 200,000 in 2021). What’s more, the threat landscape continues to evolve. The Microsoft Digital Defense Report shows that nation state attacks have increase d in the region, and bad actors are increasingly targeting essential services like energy, agriculture, transportation.

Getting NIS2-ready is ultimately a business opportunity.

It’s in this context that the EU is implementing the most comprehensive EU cybersecurity legislation to date: Network and Information Systems Directive 2 (NIS2). Set to come into effect in one year from now in October 2024, the purpose of NIS2 is to establish a baseline of cybersecurity measures for organizations that provide essential services.

160,000 companies across 18 sectors will be expected to comply. Municipalities, healthcare systems, financial services and manufacturing firms are a few examples.

It’s a comprehensive blueprint for cybersecurity resilience.

In fact, I’ve had conversations with colleagues and customers who have drawn parrels with GDPR. I think that’s a fair comparison. I also think GDPR offers some lessons that are instructive as companies prepare for NIS2 over the coming months.

NIS2 will help organizations ensure they are prepared to respond to the evolving threat landscape. That level of preparedness will only build trust among an organization’s customers, partners and stakeholders. This is exactly what we saw with GDPR. Clearly people and organizations only want to do business with those they trust.

Preparing for NIS2 isn’t a backroom IT issue – it calls for company-wide transformation.

Did you know that the median time for an attacker to begin moving within a corporate network after a single device is compromised is less than 2 hours? With criminals becoming more sophisticated, every person in an organization – from a factory floor manager to executives – needs the right skills and tools to recognize and effectively mitigate threats.

That said, many cybersecurity teams I work with are currently understaffed. It’s here where I see artificial intelligence (AI) tools playing an important role. This technology is augmenting the skills and experience of professionals, helping them identify and respond to threats with machine speed.

Again, just like with GDPR, preparing for NIS2 represents a transformation challenge – and opportunity – that will be as much about people as it is technology.

Successful transformation takes partnership.

The spirit behind NIS2 speaks to a simple truth: we can’t as a region address cybersecurity if we don’t work together. Collaboration across public and private sector organizations will be key. In addition, businesses will need trusted partners. Just as they would with any major transformation effort – as was the case with GDPR.

At Microsoft, the safety and security of our customers is our top priority. It’s why every product and service we create is “secure by design.” And behind our technology, we have a world-class team of cybersecurity professionals. Using AI, our teams can analyze trillions of pieces of cybersecurity data everyday – helping keep our customers safe and their businesses resilient.

We have a range of cybersecurity solutions that can help organizations with their NIS2 transformation journeys. With employee trainings, risk assessments, threat monitoring and incident alerts, we are committed to working with our customers to find the right tools and processes to prepare their businesses for NIS2 and beyond.

The bottom-line: Shoring up EU’s cybersecurity readiness is so much more than a compliance exercise. It’s an opportunity to build trust with your customers and maintain a competitive edge.

For more information on how Microsoft can help you get ready for NIS2 see Preparing for NIS2: More than a compliance exercise: an opportunity to future proof your organization.

Preparing for NIS2: 3 Guiding Principles for Leaders

Get started on your transformation today with three guiding principles for preparing for NIS2.

Discover more related articles per industry:

Education

  • Cloud

    A guide to GDPR for universities

    With the EU’s new General Data Protection Regulation coming into effect on May 25, understand how universities like yours can take the right steps towards compliance with this free eBook – and other useful resources. Your university on a journey on a journey Your university is on a journey with lots of ‘data subjects’. They’re […]

  • a person sitting at a table using a laptop computer

    Reimagining education: From remote to hybrid learning

    The COVID-19 pandemic has generated a torrent of individual and small-group responses as to how education could be transformed. We have found a groundswell of interest in the question, “How best to take advantage of the new opportunities arising from the disruption?” What people desperately need are opportunities to team up and find pathways of […]

Government

  • Ineco

    Ineco improves employee productivity with modern tools and AI

    Struggling with software doesn’t help people get more done. Likewise, if sharing files and collaborating on documents is difficult, productivity takes a hit. Ineco, a Spanish public sector company, understands this, which is why it set out to change the way employees interact with technology and one another. By deploying Microsoft 365 to its over […]

  • a man and two women standing in front of a brick building

    Ajuntament de Lleida: transforming the public sector with a modern, virtual workplace

    “At Ajuntament de Lleida, we think differently. We embrace new technology. And when we see that it could add real value to the work we do, we find a way to make it happen.” Carles GinéSabaté, Systems Implementation Planning Manager at Ajuntament de Lleida, is reflecting on his organization’s open-armed approach to digital transformation and […]

Healthcare

Manufacturing

Retail

Discover more related articles per dossier:

Customer Stories

  • a person preparing food in a kitchen

    Humanitas-DMH: empowering key workers with a secure digital support

    “Our goal is to create an environment where people with mental disabilities can feel safe, secure and happy.” Marcella van Kraaij, Digital Transformation Advisor at Dutch healthcare provider Humanitas-DMH, is discussing her organization’s key objectives – and how the technology her team recently adopted is helping it to achieve them. Every day, the carers and […]

Digital Transformation

Security & Privacy

Tips

  • a group of people sitting at a table

    A single collaboration hub to help sales soar

    Do you know Microsoft’s secret to sales success? Collaboration. It’s at the heart of its culture and solutions. Today, companies investing in teamwork are five times more likely to be high-performing, so collaboration could be the difference between profit and loss. When compared to five years ago, an average information worker spends 50% more time […]