NIS Directive Compliance

What is the NIS Directive?

The Directive on the Security of Network and Information Systems (NIS-D) was adopted by the European Union in 2016.

It is intended to ensure common standards of security across all Member States, and it sets out a range of security requirements that now apply to operators of essential services - including national railways and their supply chains.

Relevant organisations that fail to comply with the Directive risk incurring strict financial penalties - which can be up to 4% of turnover - and could be subjected to increased supervision by their designated National Competent Authorities.

An expert route to full compliance

Ensuring full compliance with NIS-D is a complex challenge for organisations unfamiliar with its scope, its full requirements and even the extent of materials and information they must be able to provide about their networks and information infrastructure.

We help rail organisations through every stage of the process. Through our unique Ricardo partnership we combine rail domain knowledge with a deep understanding of security practice in other critical infrastructure to ensure every aspect of the Directive is accounted for.

Following initial briefings to help raise awareness amongst staff of the NIS-D and its expectations, we work with your staff to develop project and document plans, determine requirements and emerging priorities, manage all liaison with regulators and help prepare their final evidence for submission.

Benefits of working with Ricardo's experts 

  • Ensure regulatory compliance
  • Raise internal awareness of security responsibilities
  • Protect the organisation from penalties and reputational harm

Digital risk assessment: Aventra

In partnership with Roke Manor Research Ltd, a leading UK innovator in cyber security, Ricardo's experts helped Bombardier undertake an in-depth assessment of the Aventra's exposure to cyber threats.