SlideShare a Scribd company logo

The NIS directive: Yet another expensive legality or an opportunity to improve security?

Rayna Stamboliyska
Rayna Stamboliyska

Slides from my keynote at the Luxembourg Internet Days 2018. The presentation aims at briefly introducing a wider audience to the NIS directive, the 'cybersecurity arm' of the Digital Single Market.

Technology
1 of 12
The NIS Directive Yet another expensive legality or an opportunity to improve security?
Welcome Rayna Stamboliyska Security and Compliance (risk & crisis management) Author, “La face cachée d’Internet” (Prix du livre cyber “Grand public”, FIC 2018) rayna@rs-strategy.consulting @MaliciaRogue
What is the NIS Directive? The Network and Information Security Directive aims to: ◉ Ensure strong common security standards across the EU; ◉ Improve IS and network governance & security; ◉ Strengthen defense and resilience. => the cybersecurity arm of the Digital Single Market
What must Member States do? Create institutions dedicated to cybersecurity Develop inter-CSIRT collaboration Identify and lead concerned orgs to compliance with NIS Ensure organisations remain compliant with NIS NB: Some orgs are excluded (unnecessary to cumulate legal obligations), e.g. electronic comms, eIDAS-concerned, French “OIV”, etc.
Is my organisation concerned? YES if you are in one of those industries: Essential Services Digital Services
The road to compliance Albeit vague, the NIS Directive insists on: ◉ Identify and master: risk management; ◉ Map, audit and get official approval: implement security; ◉ Compartiment, filter, implement IAM: consolidate architecture; ◉ Monitor, detect and fix: maintain security; => all that’s common sense… or is it a necessary evil?
Some lessons learnt Finding forerunners where you’d expect them the least
State of cybersecurity at many vital service providers Allegory.
“Loi de Programmation militaire” (since 2013) ◉ Legislative vehicle for security at vital services providers ◉ Articulated in 20 rules with varying compliance timelines; ◉ Defines “SIIV”: declaration-based perimeters; ◉ Governance, audit & official approval are a thing; ◉ Incident management becomes of vital importance (PDIS, PRIS); ◉ Parallelise & build upon existing expertise despite office politics. => ROI & all-encompassing compliance approach
Remember: Security is a risky business ◉ Timelines may exert pressure; ◉ What if legislation is slow to come by? ◉ Adjusting expectations might cost you greatly; ◉ Harmony is real hard: a unique EU-wide reference institution? Critical & sensitive intel sharing?
Threat modelling is the new black The intimate knowledge of your systems, tools and their becoming, both technical and functional, is crucial: Weigh in and structure your strategy.
Thanks! Rayna Stamboliyska Security and Compliance (risk & crisis management) Author, “La face cachée d’Internet” (Prix du livre cyber “Grand public”, FIC 2018) rayna@rs-strategy.consulting @MaliciaRogue

Recommended

Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...
Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...
Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...Investments Network marcus evans
 
D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...
D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...
D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...D1Conf
 
BCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletBCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletGareth Niblett
 
Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)
Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)
Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)Stephan Karpischek
 
Insurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalInsurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalThe Digital Insurer
 
Etherisc at EDCON 2017
Etherisc at EDCON 2017Etherisc at EDCON 2017
Etherisc at EDCON 2017Stephan Karpischek
 
Patrick Berarducci on taxonomy of digital financial assets
Patrick Berarducci on taxonomy of digital financial assetsPatrick Berarducci on taxonomy of digital financial assets
Patrick Berarducci on taxonomy of digital financial assetsOECD Directorate for Financial and Enterprise Affairs
 
Gary Gensler on Crypto Finance
Gary Gensler on Crypto FinanceGary Gensler on Crypto Finance
Gary Gensler on Crypto FinanceOECD Directorate for Financial and Enterprise Affairs
 

Recommended

Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...
Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...
Enhancing the Long-Term Return of Cryptocurrency Assets-Bill La Prise, WhiteT...Investments Network marcus evans
 
D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...
D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...
D1Conf 2018 | The Opportunities of Blockchain for Inclusive Insurance | Michi...D1Conf
 
BCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletBCS ITNow 201506 - Silver Bullet
BCS ITNow 201506 - Silver BulletGareth Niblett
 
Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)
Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)
Etherisc at the Ethereum Meetup Vienna 20 March 2017 (Part 1)Stephan Karpischek
 
Insurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalInsurance Innovation Award-PolicyPal
Insurance Innovation Award-PolicyPalThe Digital Insurer
 
Etherisc at EDCON 2017
Etherisc at EDCON 2017Etherisc at EDCON 2017
Etherisc at EDCON 2017Stephan Karpischek
 
Patrick Berarducci on taxonomy of digital financial assets
Patrick Berarducci on taxonomy of digital financial assetsPatrick Berarducci on taxonomy of digital financial assets
Patrick Berarducci on taxonomy of digital financial assetsOECD Directorate for Financial and Enterprise Affairs
 
Gary Gensler on Crypto Finance
Gary Gensler on Crypto FinanceGary Gensler on Crypto Finance
Gary Gensler on Crypto FinanceOECD Directorate for Financial and Enterprise Affairs
 
Crypto Valley at the OECD Workshop on Digital Financial Assets
Crypto Valley at the OECD Workshop on Digital Financial Assets Crypto Valley at the OECD Workshop on Digital Financial Assets
Crypto Valley at the OECD Workshop on Digital Financial Assets OECD Directorate for Financial and Enterprise Affairs
 
Etherisc at Ethereum London meetup
Etherisc at Ethereum London meetupEtherisc at Ethereum London meetup
Etherisc at Ethereum London meetupStephan Karpischek
 
Witt O Briens: A route through the Panama Panal
Witt O Briens: A route through the Panama PanalWitt O Briens: A route through the Panama Panal
Witt O Briens: A route through the Panama Panalbcilondonforum
 
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...R3
 
Indjic Fintech Module 7
Indjic Fintech Module 7Indjic Fintech Module 7
Indjic Fintech Module 7Drago Indjic
 
DWI Mobile Financial Solutions
DWI Mobile Financial SolutionsDWI Mobile Financial Solutions
DWI Mobile Financial SolutionsDaniel Wamara
 
Where are we going? DLT & Blockchain Legal
Where are we going? DLT & Blockchain Legal Where are we going? DLT & Blockchain Legal
Where are we going? DLT & Blockchain Legal Philip Vasquez
 
Risk and Insurance Management Society
Risk and Insurance Management SocietyRisk and Insurance Management Society
Risk and Insurance Management SocietyAlan Reisch
 
Avida International, Who We Are
Avida International, Who We AreAvida International, Who We Are
Avida International, Who We AreJeroenSch
 
Etherisc Ethereum DEV NL meetup
Etherisc Ethereum DEV NL meetupEtherisc Ethereum DEV NL meetup
Etherisc Ethereum DEV NL meetupStephan Karpischek
 
Asia 2017 Conference Reviews - The Digital Insurance Customer
Asia 2017 Conference Reviews - The Digital Insurance CustomerAsia 2017 Conference Reviews - The Digital Insurance Customer
Asia 2017 Conference Reviews - The Digital Insurance CustomerThe Digital Insurer
 
EXECInsurtech Review
EXECInsurtech ReviewEXECInsurtech Review
EXECInsurtech ReviewThe Digital Insurer
 
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...FinTech Belgium
 
Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)JISC.AM
 
Investment promotion and access to markets: new opportunity?
Investment promotion and access to markets: new opportunity?Investment promotion and access to markets: new opportunity?
Investment promotion and access to markets: new opportunity?OECDglobal
 
KiidLine: Distribute Your Funds and Gain Visibility
KiidLine: Distribute Your Funds and Gain VisibilityKiidLine: Distribute Your Funds and Gain Visibility
KiidLine: Distribute Your Funds and Gain VisibilityArnaud
 
Using intellectual property in forming strategic global alliances
Using intellectual property in forming strategic global alliances Using intellectual property in forming strategic global alliances
Using intellectual property in forming strategic global alliances Global Outsourcing Association of Lawyers (GOAL)
 
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODO
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODOMRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODO
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODOassociate14
 
ICO: doing it right
ICO: doing it rightICO: doing it right
ICO: doing it rightMukhtar Mussabetov
 
Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiebuc
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services OfferedRachel Anne Carter
 
European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016Omer Coskun
 

More Related Content

What's hot

Etherisc at Ethereum London meetup
Etherisc at Ethereum London meetupEtherisc at Ethereum London meetup
Etherisc at Ethereum London meetupStephan Karpischek
 
Witt O Briens: A route through the Panama Panal
Witt O Briens: A route through the Panama PanalWitt O Briens: A route through the Panama Panal
Witt O Briens: A route through the Panama Panalbcilondonforum
 
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...R3
 
Indjic Fintech Module 7
Indjic Fintech Module 7Indjic Fintech Module 7
Indjic Fintech Module 7Drago Indjic
 
DWI Mobile Financial Solutions
DWI Mobile Financial SolutionsDWI Mobile Financial Solutions
DWI Mobile Financial SolutionsDaniel Wamara
 
Where are we going? DLT & Blockchain Legal
Where are we going? DLT & Blockchain Legal Where are we going? DLT & Blockchain Legal
Where are we going? DLT & Blockchain Legal Philip Vasquez
 
Risk and Insurance Management Society
Risk and Insurance Management SocietyRisk and Insurance Management Society
Risk and Insurance Management SocietyAlan Reisch
 
Avida International, Who We Are
Avida International, Who We AreAvida International, Who We Are
Avida International, Who We AreJeroenSch
 
Etherisc Ethereum DEV NL meetup
Etherisc Ethereum DEV NL meetupEtherisc Ethereum DEV NL meetup
Etherisc Ethereum DEV NL meetupStephan Karpischek
 
Asia 2017 Conference Reviews - The Digital Insurance Customer
Asia 2017 Conference Reviews - The Digital Insurance CustomerAsia 2017 Conference Reviews - The Digital Insurance Customer
Asia 2017 Conference Reviews - The Digital Insurance CustomerThe Digital Insurer
 
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...FinTech Belgium
 
Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)JISC.AM
 
Investment promotion and access to markets: new opportunity?
Investment promotion and access to markets: new opportunity?Investment promotion and access to markets: new opportunity?
Investment promotion and access to markets: new opportunity?OECDglobal
 
KiidLine: Distribute Your Funds and Gain Visibility
KiidLine: Distribute Your Funds and Gain VisibilityKiidLine: Distribute Your Funds and Gain Visibility
KiidLine: Distribute Your Funds and Gain VisibilityArnaud
 
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODO
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODOMRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODO
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODOassociate14
 

What's hot (19)

Crypto Valley at the OECD Workshop on Digital Financial Assets
Crypto Valley at the OECD Workshop on Digital Financial Assets Crypto Valley at the OECD Workshop on Digital Financial Assets
Crypto Valley at the OECD Workshop on Digital Financial Assets
 
Etherisc at Ethereum London meetup
Etherisc at Ethereum London meetupEtherisc at Ethereum London meetup
Etherisc at Ethereum London meetup
 
Witt O Briens: A route through the Panama Panal
Witt O Briens: A route through the Panama PanalWitt O Briens: A route through the Panama Panal
Witt O Briens: A route through the Panama Panal
 
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...
BizDay: LenderComm: Collaborative Innovation & DLT in Syndicated Lending, Hel...
 
Indjic Fintech Module 7
Indjic Fintech Module 7Indjic Fintech Module 7
Indjic Fintech Module 7
 
DWI Mobile Financial Solutions
DWI Mobile Financial SolutionsDWI Mobile Financial Solutions
DWI Mobile Financial Solutions
 
Where are we going? DLT & Blockchain Legal
Where are we going? DLT & Blockchain Legal Where are we going? DLT & Blockchain Legal
Where are we going? DLT & Blockchain Legal
 
Risk and Insurance Management Society
Risk and Insurance Management SocietyRisk and Insurance Management Society
Risk and Insurance Management Society
 
Avida International, Who We Are
Avida International, Who We AreAvida International, Who We Are
Avida International, Who We Are
 
Etherisc Ethereum DEV NL meetup
Etherisc Ethereum DEV NL meetupEtherisc Ethereum DEV NL meetup
Etherisc Ethereum DEV NL meetup
 
Asia 2017 Conference Reviews - The Digital Insurance Customer
Asia 2017 Conference Reviews - The Digital Insurance CustomerAsia 2017 Conference Reviews - The Digital Insurance Customer
Asia 2017 Conference Reviews - The Digital Insurance Customer
 
EXECInsurtech Review
EXECInsurtech ReviewEXECInsurtech Review
EXECInsurtech Review
 
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...
Getting value out of the blockchain by Olivier Roucloux - FinTech Belgium Sum...
 
Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)Federated Futures (Nicole Harris)
Federated Futures (Nicole Harris)
 
Investment promotion and access to markets: new opportunity?
Investment promotion and access to markets: new opportunity?Investment promotion and access to markets: new opportunity?
Investment promotion and access to markets: new opportunity?
 
KiidLine: Distribute Your Funds and Gain Visibility
KiidLine: Distribute Your Funds and Gain VisibilityKiidLine: Distribute Your Funds and Gain Visibility
KiidLine: Distribute Your Funds and Gain Visibility
 
Using intellectual property in forming strategic global alliances
Using intellectual property in forming strategic global alliances Using intellectual property in forming strategic global alliances
Using intellectual property in forming strategic global alliances
 
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODO
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODOMRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODO
MRHB DeFi Launches IDO, Followed by Listing of $MRHB on PancakeSwap and DODO
 
ICO: doing it right
ICO: doing it rightICO: doing it right
ICO: doing it right
 

Similar to The NIS directive: Yet another expensive legality or an opportunity to improve security?

Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiebuc
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services OfferedRachel Anne Carter
 
European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016Omer Coskun
 
Cybersecurity Threats - NI Business Continuity Forum
Cybersecurity Threats - NI Business Continuity ForumCybersecurity Threats - NI Business Continuity Forum
Cybersecurity Threats - NI Business Continuity ForumDavid Crozier
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaRahul Neel Mani
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...Nicolas Beyer
 
Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...
Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...
Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...NRBsanv
 
Next Wave of Fintech: Redefining Financial Services through Technology
Next Wave of Fintech: Redefining Financial Services through TechnologyNext Wave of Fintech: Redefining Financial Services through Technology
Next Wave of Fintech: Redefining Financial Services through TechnologyRobin Teigland
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyShiva Bissessar
 
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018FERMA
 
AGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperAGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperMestizo Enterprises
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexShivamSharma909
 
biid - NOAH17 London
biid - NOAH17 Londonbiid - NOAH17 London
biid - NOAH17 LondonNOAH Advisors
 
How Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond KairouzHow Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond Kairouzsigortatatbikatcilari
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Matthew Rosenquist
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessibleCharmaine Servado
 

Similar to The NIS directive: Yet another expensive legality or an opportunity to improve security? (20)

Biznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspektiBiznesa infrastruktūras un datu drošības juridiskie aspekti
Biznesa infrastruktūras un datu drošības juridiskie aspekti
 
The Security Circle- Services Offered
The Security Circle- Services OfferedThe Security Circle- Services Offered
The Security Circle- Services Offered
 
European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016European Cyber Security Perspectives 2016
European Cyber Security Perspectives 2016
 
Cybersecurity Threats - NI Business Continuity Forum
Cybersecurity Threats - NI Business Continuity ForumCybersecurity Threats - NI Business Continuity Forum
Cybersecurity Threats - NI Business Continuity Forum
 
Understanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in AsiaUnderstanding Cyber Security Risks in Asia
Understanding Cyber Security Risks in Asia
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
 
Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...
Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...
Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...
 
Next Wave of Fintech: Redefining Financial Services through Technology
Next Wave of Fintech: Redefining Financial Services through TechnologyNext Wave of Fintech: Redefining Financial Services through Technology
Next Wave of Fintech: Redefining Financial Services through Technology
 
dcb1203CyberNDI
dcb1203CyberNDIdcb1203CyberNDI
dcb1203CyberNDI
 
Qradar Business Case
Qradar Business CaseQradar Business Case
Qradar Business Case
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
 
AGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperAGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White Paper
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity index
 
biid - NOAH17 London
biid - NOAH17 Londonbiid - NOAH17 London
biid - NOAH17 London
 
How Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond KairouzHow Technology Impacts the Insurance Sector - Raymond Kairouz
How Technology Impacts the Insurance Sector - Raymond Kairouz
 
CRI-Corporate-Profile (1)
CRI-Corporate-Profile (1)CRI-Corporate-Profile (1)
CRI-Corporate-Profile (1)
 
Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022Top Cyber News Magazine - Oct 2022
Top Cyber News Magazine - Oct 2022
 
eCrime-report-2011-accessible
eCrime-report-2011-accessibleeCrime-report-2011-accessible
eCrime-report-2011-accessible
 

More from Rayna Stamboliyska

#CoRIIN2018 : Comment ne pas communiquer en temps de crise
#CoRIIN2018 : Comment ne pas communiquer en temps de crise#CoRIIN2018 : Comment ne pas communiquer en temps de crise
#CoRIIN2018 : Comment ne pas communiquer en temps de criseRayna Stamboliyska
 
Références bibliographiques "La face cachée d'Internet"
Références bibliographiques "La face cachée d'Internet"Références bibliographiques "La face cachée d'Internet"
Références bibliographiques "La face cachée d'Internet"Rayna Stamboliyska
 
La question de mémoire collective post-conflictuelle : une comparaison des di...
La question de mémoire collective post-conflictuelle : une comparaison des di...La question de mémoire collective post-conflictuelle : une comparaison des di...
La question de mémoire collective post-conflictuelle : une comparaison des di...Rayna Stamboliyska
 
The role of data for economic prosperity in the Middle East and North Africa
The role of data for economic prosperity in the Middle East and North AfricaThe role of data for economic prosperity in the Middle East and North Africa
The role of data for economic prosperity in the Middle East and North AfricaRayna Stamboliyska
 
ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)
ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)
ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)Rayna Stamboliyska
 
Let's talk about policy! Politiques publiques pour l’ouverture des données sc...
Let's talk about policy! Politiques publiques pour l’ouverture des données sc...Let's talk about policy! Politiques publiques pour l’ouverture des données sc...
Let's talk about policy! Politiques publiques pour l’ouverture des données sc...Rayna Stamboliyska
 
Open Data Barometer, 2nd edition
Open Data Barometer, 2nd editionOpen Data Barometer, 2nd edition
Open Data Barometer, 2nd editionRayna Stamboliyska
 
Egypt: News Websites and Alternative Voices
Egypt: News Websites and Alternative VoicesEgypt: News Websites and Alternative Voices
Egypt: News Websites and Alternative VoicesRayna Stamboliyska
 
Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015
Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015
Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015Rayna Stamboliyska
 
Открытые данные для социально- экономического развития: Роль гражданского общ...
Открытые данные для социально- экономического развития: Роль гражданского общ...Открытые данные для социально- экономического развития: Роль гражданского общ...
Открытые данные для социально- экономического развития: Роль гражданского общ...Rayna Stamboliyska
 
#OpenDataKG: Open Data and the role of civil society
#OpenDataKG: Open Data and the role of civil society#OpenDataKG: Open Data and the role of civil society
#OpenDataKG: Open Data and the role of civil societyRayna Stamboliyska
 
Programme BIL:OpenGov Tunisie (21 juin 2014)
Programme BIL:OpenGov Tunisie (21 juin 2014)Programme BIL:OpenGov Tunisie (21 juin 2014)
Programme BIL:OpenGov Tunisie (21 juin 2014)Rayna Stamboliyska
 
Cours pour la Licence "Sciences et Ingéniérie" ENSTA
Cours pour la Licence "Sciences et Ingéniérie" ENSTACours pour la Licence "Sciences et Ingéniérie" ENSTA
Cours pour la Licence "Sciences et Ingéniérie" ENSTARayna Stamboliyska
 
Gendered Quantified Self: my talk at FLOSSIE 2013
Gendered Quantified Self: my talk at FLOSSIE 2013Gendered Quantified Self: my talk at FLOSSIE 2013
Gendered Quantified Self: my talk at FLOSSIE 2013Rayna Stamboliyska
 
Big data, bad data -- Closing keynote at the Open World Forum 2013
Big data, bad data -- Closing keynote at the Open World Forum 2013Big data, bad data -- Closing keynote at the Open World Forum 2013
Big data, bad data -- Closing keynote at the Open World Forum 2013Rayna Stamboliyska
 
Open Data in Science & Research -- Open World Forum 2013, Public Policies track
Open Data in Science & Research -- Open World Forum 2013, Public Policies trackOpen Data in Science & Research -- Open World Forum 2013, Public Policies track
Open Data in Science & Research -- Open World Forum 2013, Public Policies trackRayna Stamboliyska
 
Knowledge Adventures for Kids: Masterclass presentation during the Social Med...
Knowledge Adventures for Kids: Masterclass presentation during the Social Med...Knowledge Adventures for Kids: Masterclass presentation during the Social Med...
Knowledge Adventures for Kids: Masterclass presentation during the Social Med...Rayna Stamboliyska
 
NASA SpaceApps challenges: Paris Off-the-Grid restitution
NASA SpaceApps challenges: Paris Off-the-Grid restitutionNASA SpaceApps challenges: Paris Off-the-Grid restitution
NASA SpaceApps challenges: Paris Off-the-Grid restitutionRayna Stamboliyska
 
Free software community functioning
Free software community functioningFree software community functioning
Free software community functioningRayna Stamboliyska
 

More from Rayna Stamboliyska (20)

#CoRIIN2018 : Comment ne pas communiquer en temps de crise
#CoRIIN2018 : Comment ne pas communiquer en temps de crise#CoRIIN2018 : Comment ne pas communiquer en temps de crise
#CoRIIN2018 : Comment ne pas communiquer en temps de crise
 
Références bibliographiques "La face cachée d'Internet"
Références bibliographiques "La face cachée d'Internet"Références bibliographiques "La face cachée d'Internet"
Références bibliographiques "La face cachée d'Internet"
 
La question de mémoire collective post-conflictuelle : une comparaison des di...
La question de mémoire collective post-conflictuelle : une comparaison des di...La question de mémoire collective post-conflictuelle : une comparaison des di...
La question de mémoire collective post-conflictuelle : une comparaison des di...
 
The role of data for economic prosperity in the Middle East and North Africa
The role of data for economic prosperity in the Middle East and North AfricaThe role of data for economic prosperity in the Middle East and North Africa
The role of data for economic prosperity in the Middle East and North Africa
 
ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)
ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)
ОТВОРЕНИ ДАННИ ЗА ДОБРО УПРАВЛЕНИЕ (Open Data for Good Governance)
 
Let's talk about policy! Politiques publiques pour l’ouverture des données sc...
Let's talk about policy! Politiques publiques pour l’ouverture des données sc...Let's talk about policy! Politiques publiques pour l’ouverture des données sc...
Let's talk about policy! Politiques publiques pour l’ouverture des données sc...
 
Open Data Barometer, 2nd edition
Open Data Barometer, 2nd editionOpen Data Barometer, 2nd edition
Open Data Barometer, 2nd edition
 
Egypt: News Websites and Alternative Voices
Egypt: News Websites and Alternative VoicesEgypt: News Websites and Alternative Voices
Egypt: News Websites and Alternative Voices
 
Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015
Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015
Contes et légendes du RuNet : séminaire EHESS du 16 mars 2015
 
Corruption risk management
Corruption risk managementCorruption risk management
Corruption risk management
 
Открытые данные для социально- экономического развития: Роль гражданского общ...
Открытые данные для социально- экономического развития: Роль гражданского общ...Открытые данные для социально- экономического развития: Роль гражданского общ...
Открытые данные для социально- экономического развития: Роль гражданского общ...
 
#OpenDataKG: Open Data and the role of civil society
#OpenDataKG: Open Data and the role of civil society#OpenDataKG: Open Data and the role of civil society
#OpenDataKG: Open Data and the role of civil society
 
Programme BIL:OpenGov Tunisie (21 juin 2014)
Programme BIL:OpenGov Tunisie (21 juin 2014)Programme BIL:OpenGov Tunisie (21 juin 2014)
Programme BIL:OpenGov Tunisie (21 juin 2014)
 
Cours pour la Licence "Sciences et Ingéniérie" ENSTA
Cours pour la Licence "Sciences et Ingéniérie" ENSTACours pour la Licence "Sciences et Ingéniérie" ENSTA
Cours pour la Licence "Sciences et Ingéniérie" ENSTA
 
Gendered Quantified Self: my talk at FLOSSIE 2013
Gendered Quantified Self: my talk at FLOSSIE 2013Gendered Quantified Self: my talk at FLOSSIE 2013
Gendered Quantified Self: my talk at FLOSSIE 2013
 
Big data, bad data -- Closing keynote at the Open World Forum 2013
Big data, bad data -- Closing keynote at the Open World Forum 2013Big data, bad data -- Closing keynote at the Open World Forum 2013
Big data, bad data -- Closing keynote at the Open World Forum 2013
 
Open Data in Science & Research -- Open World Forum 2013, Public Policies track
Open Data in Science & Research -- Open World Forum 2013, Public Policies trackOpen Data in Science & Research -- Open World Forum 2013, Public Policies track
Open Data in Science & Research -- Open World Forum 2013, Public Policies track
 
Knowledge Adventures for Kids: Masterclass presentation during the Social Med...
Knowledge Adventures for Kids: Masterclass presentation during the Social Med...Knowledge Adventures for Kids: Masterclass presentation during the Social Med...
Knowledge Adventures for Kids: Masterclass presentation during the Social Med...
 
NASA SpaceApps challenges: Paris Off-the-Grid restitution
NASA SpaceApps challenges: Paris Off-the-Grid restitutionNASA SpaceApps challenges: Paris Off-the-Grid restitution
NASA SpaceApps challenges: Paris Off-the-Grid restitution
 
Free software community functioning
Free software community functioningFree software community functioning
Free software community functioning
 

Recently uploaded

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Recently uploaded (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

The NIS directive: Yet another expensive legality or an opportunity to improve security?

  • 1. The NIS Directive Yet another expensive legality or an opportunity to improve security?
  • 2. Welcome Rayna Stamboliyska Security and Compliance (risk & crisis management) Author, “La face cachée d’Internet” (Prix du livre cyber “Grand public”, FIC 2018) rayna@rs-strategy.consulting @MaliciaRogue
  • 3. What is the NIS Directive? The Network and Information Security Directive aims to: ◉ Ensure strong common security standards across the EU; ◉ Improve IS and network governance & security; ◉ Strengthen defense and resilience. => the cybersecurity arm of the Digital Single Market
  • 4. What must Member States do? Create institutions dedicated to cybersecurity Develop inter-CSIRT collaboration Identify and lead concerned orgs to compliance with NIS Ensure organisations remain compliant with NIS NB: Some orgs are excluded (unnecessary to cumulate legal obligations), e.g. electronic comms, eIDAS-concerned, French “OIV”, etc.
  • 5. Is my organisation concerned? YES if you are in one of those industries: Essential Services Digital Services
  • 6. The road to compliance Albeit vague, the NIS Directive insists on: ◉ Identify and master: risk management; ◉ Map, audit and get official approval: implement security; ◉ Compartiment, filter, implement IAM: consolidate architecture; ◉ Monitor, detect and fix: maintain security; => all that’s common sense… or is it a necessary evil?
  • 7. Some lessons learnt Finding forerunners where you’d expect them the least
  • 8. State of cybersecurity at many vital service providers Allegory.
  • 9. “Loi de Programmation militaire” (since 2013) ◉ Legislative vehicle for security at vital services providers ◉ Articulated in 20 rules with varying compliance timelines; ◉ Defines “SIIV”: declaration-based perimeters; ◉ Governance, audit & official approval are a thing; ◉ Incident management becomes of vital importance (PDIS, PRIS); ◉ Parallelise & build upon existing expertise despite office politics. => ROI & all-encompassing compliance approach
  • 10. Remember: Security is a risky business ◉ Timelines may exert pressure; ◉ What if legislation is slow to come by? ◉ Adjusting expectations might cost you greatly; ◉ Harmony is real hard: a unique EU-wide reference institution? Critical & sensitive intel sharing?
  • 11. Threat modelling is the new black The intimate knowledge of your systems, tools and their becoming, both technical and functional, is crucial: Weigh in and structure your strategy.
  • 12. Thanks! Rayna Stamboliyska Security and Compliance (risk & crisis management) Author, “La face cachée d’Internet” (Prix du livre cyber “Grand public”, FIC 2018) rayna@rs-strategy.consulting @MaliciaRogue

Editor's Notes

  1. Add icons