11 July 2017

The EU wants to have secure networks in companies. Maybe in yours as well.

The reason why the EU has adopted stricter network security measures is to make better use of e-commerce. This is what follows from EU Directive 2016/1148 concerning measures for a high common level of security of network and information systems across the Union. The Directive often referred to as NIS (Network and Information Systems), is the first ever pan-European legislation on cyber security. It will start to apply on 10 May 2018, by which date all relevant companies are required to comply with its requirements.


Who does NIS apply to?

The NIS Directive applies to operators of essential services and digital service providers. If your company offers cloud computing, online search engine or online marketplace services, or operates in the transport, banking, health care, public administration, digital infrastructure, energy, financial market infrastructure, or is a drinking water supplier, NIS is a highly topical issue for you.


What do you have to comply with?

  • Take measures to manage the risks associated with security of network and information systems used in your business
  • Prevent and minimize the impact of incidents
  • Introduce and update your security policy
  • Report any significant incident to the competent authority and provide the necessary information
  • Make evidence of the implementation of security policies and the results of a security audit available to the competent authority
  • Take corrective action if the requirements of the NIS Directive are not met

Time to act is now

There is less than 12 months before the NIS Directive is applied. That is why it is time to start addressing the security of network and information systems right now. According to statistics, only 44% of companies use penetration tests in their practice. And yet, in the last year there has been a 23% increase in the number of businesses that perceive cyber threats as serious or critical.


Help from Soitron

NIS is a complex issue and there are only a few experts on the subject. So, do not hesitate to use the experience of our IT consultancy team. If you need to have an initial analysis conducted, or if you need just a non-binding consultation on a network security issue in your business, please contact us at or via the contact form. We will:

  • Assess the risks related to NIS requirements;
  • Review you internal security processes;
  • Design the internal strategy for responding to security incidents;
  • Assist you in implementing the minimum level of security;
  • Recommend the best technologies to help you meet the NIS Directive requirements;
  • Assist you in implementing your early incident reporting system.

For more information please see also our product sheet.