The Network and Information Systems (NIS) Directive (Directive (EU) 2016/1148 of the European Parliament and of the Council) seeks to achieve a high common level of security of network and information systems and applies to all EU member states.
The governance also applies to the UK both during and after Brexit, these rules also affect other companies operating in EU member states.
The NIS Directive defines two categories of organizations Operators of Essential Services (OESs) and Digital Service Providers (DSPs). The NIS Directive defines “minimum standards of due care” for protecting these critical infrastructures.
EU member states were tasked by the European Parliament to transpose the NIS Directive into national law by the 9th of May 2018 with the additional obligation to identify which OES were within the Directive’s scope by November 2018.
The aim of the NIS is to increase the security of these critical infrastructures by taking a three-pronged approach
- Increased EU co-operation
- Improved cyber security capabilities at a national level
- Risk management and reporting obligations for qualifying organizations
This one-day theory-based course has been designed by BSI’s industry leading cybersecurity consultants with the ultimate goal of providing candidates with an understanding of the NIS Directive. Additionally, this course will provide a practical understanding of the implications and legal requirements for organizations.
Now available as a tutor-led, online course via BSI Connected Learning Live
Scroll to bottom of page for course dates and booking options
How will I benefit?
- Understand the NIS Directive and how it relates to businesses
- Understand what is meant by an OES and a DSP
- Understand the security obligations
- Understand Business Continuity and Incident Response requirements
- Security Team members
- Managers and directors of organizations which need to comply with the NIS directive or supporting services
- Module 1 NIS Directive
- Module 2 Critical Infrastructure, what are OESs and DSPs
- Module 3 Definitions and terminology
- Module 4 Network and information security obligations
- Module 5 Incident response requirements
- Module 6 Breach response requirements
- Module 7 Compliance strategies
- Module 8 Enforcement and penalties
- Lunch (classroom only)
- Course Notes / Material
- Certificate of attendance