SUPPORTING YOUR NIS2 COMPLIANCE

On Thursday September 12, 2024 we had another great Pointury event about NIS2 with Pascal D'Eer and Johan Klykens as keynote speakers

Supporting your NIS2 compliance efforts by implementing a digital shield. 

The event covered critical aspects of NIS2 compliance and how organisations can bolster their cybersecurity efforts by implementing a digital shield.

Supporting Your NIS2 Compliance Efforts with a Digital Shield
As NIS2 compliance becomes mandatory for key sectors within the EU, organisations must prioritise their cybersecurity strategies. A digital shield offers a holistic solution that helps meet the directive’s rigorous requirements, enhancing operational resilience while safeguarding essential infrastructure.

By adopting this comprehensive approach, organisations can ensure they are compliant with regulatory mandates while strengthening their overall cybersecurity posture. In an era of increasing interconnectedness, the digital shield sets a strong foundation for a more secure future.

Belgium Leading the Way in Cybersecurity Legislation
During the event, Johan Klykens praised Belgium's progress in implementing cybersecurity laws. He remarked that Belgium is poised to be the first country in Europe to fully implement the NIS2 directive into national legislation by October 18, 2024.

Belgium’s Cybersecurity Strategy 2.0 aims to position the country as one of the least vulnerable in Europe by 2025. The success of this strategy has led to several other European nations adopting the Belgian approach.

Introducing CyFun: The CyberFundamentals Framework
Both Pascal and Johan introduced the CyFun framework during their session. CyFun, short for CyberFundamentals Framework, outlines key measures to safeguard data, mitigate the most common cyber-attacks, and boost an organisation’s cyber resilience.

The framework offers four distinct levels of assurance to cater to organisations based on their threat exposure:

• Small: Designed for micro-organisations or businesses with limited technical resources, enabling them to perform an initial security assessment.
• Basic: Contains standard information security measures suitable for all enterprises. These are common industry practices tailored and refined where necessary.
• Important: Geared towards minimising the risk of targeted attacks by adversaries with basic to moderate resources and skills.
• Essential: Focuses on defending against advanced threats posed by actors with significant capabilities and resources.
  

Interesting to note, "CyFun" is derived from a Welsh word, meaning "united" or "comprehensive," signifying a collaborative and universal approach to cybersecurity.

A Pragmatic 7-Step Approach to Cybersecurity
Johan also shared insights on the CCB's (Center for Cybersecurity Belgium) recommended 7-step approach for essential cyber protections. This pragmatic strategy emphasizes prioritising the basics and addressing the most critical cyber threats first.

Reporting Cybersecurity Incidents
A key takeaway from the discussion was the obligation for organisations to report cybersecurity incidents that could impact their service continuity. While the CCB provides guidance on handling cyber incidents, it does not manage the operations to resolve them directly.

Cybersecurity Training and Awareness
Lastly, the importance of cybersecurity training was highlighted. To foster a culture of cybersecurity awareness, organisations should:

• Tailor training sessions to different audiences,
• Use plain language,
• Make training sessions interactive and creative,
• Blend various training techniques for maximum effectiveness.
• Training must address both professional and personal digital security practices, ensuring employees are equipped to handle cyber threats in all areas of their lives.
  

Our partner for this event was F5, a multicloud application security and delivery company committed to bringing a better digital world to life. F5 partners with the world’s largest, most advanced organizations to secure every app—on premises, in the cloud, or at the edge. F5 enables businesses to continuously stay ahead of threats while delivering exceptional, secure digital experiences for their customers.

Check out upcoming events and other interesting articles on www.pointury.com