The Directive on the Security of Network and Information Systems (NIS-D) was adopted by the European Union in 2016.
The intention is to ensure common standards of security across all member states and the Directive sets out a range of security requirements that now apply to operators of essential services - including national railways and their supply chains.
Relevant organisations that fail to comply with the Directive risk incurring strict financial penalties - which can be up to 4% of turnover - and being subjected to increased supervision by their designated National Competent Authorities.
Ensuring full compliance with NIS-D is a complex challenge for organisations unfamiliar with its scope, its requirements and even the extent of materials and information they must be able to provide about their networks and information infrastructure.
To talk to an expert about the implications of the NIS Directive for your business, contact us directly using the form below, or visit our Digital Resilience pages.