Posts

Showing posts from April, 2018

The NIS Directive EU Cybersecurity

The Directive on security of network and information systems (the NIS Directive) requires transposition into European Union Member's domestic law by May 9, 2018 ( definition of an EU Directive ). The NIS Directive, adopted in July 2016, entered into force in August 2016. The UK's National Cyber Security Center (NCSC) published an Introduction to the NIS Directive , which provides an overview on on the application of the NIS Directive; a second web site sets out top level objectives of the NIS Directive . Objectives guidance on managing security risks , protecting against cyber attack , detecting cyber security events , minimising cyber security event impacts , examples of supply chain cyber attacks , assessment of supply chain practices , and the 12 principles of supply chain security are posted on the NCSC website. The NSCS also published an Introduction to identity and access management . The Cyber Assessment Framework (CAF) will be published by the end of April 2018.