The new NIS2 directive aims to improve internal cybersecurity measures while also promoting collaboration between companies and within the EU.
The EU member states now have until October 17 of this year to incorporate the measures into national legislation. Like the NIS directive that preceded it, NIS2 does not specify which technological changes must be made explicitly. Rather, abstract ideas and concepts for improving the security situation are outlined. It is clear that NIS2 will affect a large number of companies operating in the EU. However, it is unclear what impact the directive will have on these organisations.
First of all, it should be noted that – due to the different circumstances and technical requirements of the individual member states – it is impossible to outline a uniform approach to complying with the directive. The ultimate responsibility for introducing the necessary changes therefore lies with the individual company. Nonetheless, we believe that two fundamental practices promote greater cyber resilience.
Forget passwords
Passwords are no longer enough to protect users from the sophisticated techniques of hackers. The first and most important step is therefore the introduction of phishing-resistant multi-factor authentication (MFA). In addition, it is important to ensure the protection of critical data and to use encryption wherever possible. Because even if an attacker succeeds in penetrating the company network, it is very unlikely that data will be exfiltrated. In order for this to succeed, the hacker would need to be in possession of the private key.
The decisive factor here, however, will be the integration of these measures into the existing infrastructure. Yubico offers a number of options to improve cyber resiliency. The YubiKey, a hardware security token that supports both PIV and FIDO2, can complement or even replace a password-based authentication process with a strong, phishing-resistant flow. As for the encryption component, the YubiHSM is recommended for secure storage and generation of private keys and other cryptographic material.
Do you have a moment?
Take a few minutes for our 2023 user survey and help make B2B-CYBER-SECURITY.de better!You only have to answer 10 questions and you have an immediate chance to win prizes from Kaspersky, ESET and Bitdefender.
Here you go directly to the survey
Investments are worthwhile
While the NIS2 policy may be a real challenge, any investment in cyber resilience is worthwhile as it increases the chance of preventing potential future disasters. Yubico can help organizations meet cybersecurity challenges well beyond the need to meet NIS2.
More at Yubico.com
About Yubico
Yubico sets new global standards for easy and secure access to computers, mobile devices, servers and Internet accounts. The company's flagship product, the YubiKey, provides effective hardware-based protection for any number of IT systems and online services at the touch of a button.