The global community for Corporate Sustainability Leaders

by osapiens
Ask question
Home | NIS 2 | Cybersecurity requirements
What are you looking for?

Cybersecurity requirements

Measures to manage the risks

Essential and important entities should take appropriate and proportionate technical, operational and organisational measures to manage the cybersecurity risks they face and prevent or minimise the impact of incidents on their services and on third-party services.

Such measures shall be based on all-risk planning aimed at protecting the network and information systems and their physical environment, including at least the following measures:

  1. Risk analysis and system security processes.
  2. Incident handling procedures.
  3. Business continuity, such as backup management and disaster recovery, and crisis management.
  4. Supply chain security
  5. Secure network and information systems, including the management and disclosure of vulnerabilities.
  6. Policies and procedures for assessing the effectiveness of cybersecurity risk management measures.
  7. Cyber hygiene practices and cybersecurity training
  8. Data security through cryptography and encryption
  9. Human resources security, access control policies and asset management.
  10. Improved identification and authentication.
Asked questions 0 Answered questions 0 Opened questions 0 Documents 0 Videos 0
ESG Peers
ESG Regulations
EUDR
EUDR Commodities
CBAM
CBAM Goods
CCF
Scope 3 – Supply Chain emissions
CSRD
CSRD Reporting Standards and Disclosure Requirements
ESG Cross-Cutting Standards
Topical Standards
CSDDD
WHISTLEBLOWER
SANCTION LISTS
EU TAXONOMY
PCF
How to calculate a Product Carbon Footprint?
DPP
NIS 2
Knowledge Base