The Network and Information Systems (NIS) Directive is an EU wide piece of legislation aimed at increasing the level of cybersecurity for critical infrastructure including utilities, transport, healthcare and digital services and to give them the opportunity to deploy best practice cybersecurity protocols.
This framework nurtures sustainability, mitigates risks, protects organizations and their information, safeguards their people and ensures a state of enhanced information resilience.
What is the purpose?
At a member state level, the NIS Directive is designed to secure critical infrastructure from cybersecurity threats by focusing on the three top-level objectives:
- Improved cybersecurity capabilities at national level
- Increased level of EU cooperation
- Supervision of critical sectors
Who does the NIS Directive apply to?
The NIS Directive places legal obligations on Operators of Essential Services (OES) and Digital Service Providers (DSP).