The global cyber context in recent years has led to a growing need for regulation and security of cyberspace.
One of these ways is the NIS Directive. The emergence of the NIS (Network and Information Systems) Directive was prompted by the need to respond to the growing global cyber threat. In recent years, the number of cyber attacks has increased significantly and the consequences of these attacks can have a negative impact on the economy, society and the public sector. Against this backdrop, the European Union has deemed it necessary to create a common framework to improve the security of Europe’s major information systems and networks.
The aim of the NIS Directive is to ensure adequate protection of public and private interests and to improve the ability of EU Member States to deal with cyber threats. It focuses on identifying, preventing and managing risks at national and European level, and on working together between Member States to tackle these threats.
This act (2016/1148) was adopted in 2016 and aims to improve cybersecurity and prevent potential risks to the European economy, society and the public sector that may result from cyber-attacks or technical incidents. The NIS Directive applies to operators of essential services (OSEs) such as energy, transport, health, financial services and basic public services and has been transposed into national law in EU Member States.
In Romania, it has been transposed into national law as Law no. 362/2018.
As key points, the key service operators are :
- need to implement a number of security requirements
- have to be audited annually by an NIS accredited auditor
- liable to amnesties starting from 3000
CYSCOE becomes an accredited auditor with the number 8046, under the name of “ASSOCIATION OF CLUSTER OF EXCELLENCE IN CYBERNETIC SECURITY”. CYSCOE differentiates itself as a quality auditor, bringing under its umbrella the expertise of over 500 security audits performed both in Romania and globally.
The official list of NIS accredited auditors can be found on the DNSC website in the lists dedicated to both legal entities and individuals.
