Post by account_disabled on Mar 4, 2024 3:19:00 GMT -5
In order for the members of the governing bodies to have an adequate awareness of cyber threats, they will undergo regular training. Financial sanctions for breaching security measures are what the directive will significantly toughen . In the event of a serious violation of the measure, the penalty for the basic entities may rise to , , euros, or % of the total annual turnover of the company in the previous year. For important entities, the amounts are set at million euros, or . % of the total turnover. When imposing a financial penalty, the amount that is higher is taken into account.
Supply chain impacts A change regarding the assessment USA Phone Number List of the security of the supply chain of companies is causing a great debate . Currently, it is up to the entities themselves how they evaluate the riskiness of their suppliers. But they will now be obliged to ensure that their suppliers also meet the requirements of NIS . Entities must then report significant suppliers directly to NÚKIB . In the case of , NÚKIB has the right not to approve risky suppliers . The directive recommends that the condition of meeting the requirements of NIS be included in the contractual arrangements or that the possibility of an audit be arranged at supplier companies.
Sharing incidents and cyber threats The directive also requires reporting of security incidents and threats . Entities will have to immediately notify NÚKIB of every incident that has a serious impact on the provision of services, as well as every significant cyber threat they discover. What this means in practice, we asked the operations director of MasterDC, Filip Špaček: "To be able to process and report incidents according to the requirements of NIS , it is necessary to have a full-fledged SIEM system. It collects logs about the activity of all IT systems, stores them in a structured way and evaluates them.
Supply chain impacts A change regarding the assessment USA Phone Number List of the security of the supply chain of companies is causing a great debate . Currently, it is up to the entities themselves how they evaluate the riskiness of their suppliers. But they will now be obliged to ensure that their suppliers also meet the requirements of NIS . Entities must then report significant suppliers directly to NÚKIB . In the case of , NÚKIB has the right not to approve risky suppliers . The directive recommends that the condition of meeting the requirements of NIS be included in the contractual arrangements or that the possibility of an audit be arranged at supplier companies.
Sharing incidents and cyber threats The directive also requires reporting of security incidents and threats . Entities will have to immediately notify NÚKIB of every incident that has a serious impact on the provision of services, as well as every significant cyber threat they discover. What this means in practice, we asked the operations director of MasterDC, Filip Špaček: "To be able to process and report incidents according to the requirements of NIS , it is necessary to have a full-fledged SIEM system. It collects logs about the activity of all IT systems, stores them in a structured way and evaluates them.