We have received the SOS code from regulated businesses in Europe

The NIS 2 Directive is here and AdvisionIT can help
Comprehensive Solutions and PROFESSIONAL HELP for Cybersecurity Compliance

 

 

The Network and Information Security Directive 2.0 (Directive (EU) 2022/2555, or "NIS 2 Directive") was adopted in December 2022 by the European Parliament and Council of the European Union in response to the growing threat of cyberattacks and the resulting need to strengthen defences (including technical defences) against such incidents. All EU member states must comply with the updated and expanded IT security standards set forth in this Directive. 

This website aims to enlighten you about the expanded and new obligations imposed on businesses operating in the European market by the NIS 2 Directive, as well as how Sophos solutions can assist you in meeting these obligations.

 

 

 

 Roadmap: from NIS 1 to NIS 2 

The first cyber security standardization efforts were incorporated into the legislative frameworks of EU member states in 2016 with the adoption of the first Network and Information Security Directive (Directive (EU) 2016/1148, or "NIS 1 Directive"). The NIS 2 Directive was approved by the European Parliament and Council in December 2022, revising and expanding the EU's cybersecurity regulations. Because it is a directive rather than a regulation, the NIS 2 Directive must be transposed into national law before it takes effect in the member states. National lawmakers therefore have to change their national IT security laws by October 17, 2024, the deadline established by European legislators. Companies do not have to comply with the new regulations until October 18, 2024, even if national legislators meet this deadline earlier than expected. However, businesses are strongly encouraged to look at the NIS 2 Directive's new criteria and any potential effects as soon as feasible.

 

 

 Broadened scope of the NIS 2 Directive 

The NIS 2 Directive currently includes 18 governmental and private sectors, greatly expanding its prior reach. Since the NIS 2 Directive is a European directive, it applies only in specified situations where there is a connection to the EU. As a result, organisations that offer their services or conduct business within the European Union are covered by the Directive. A firm that works as a supplier to a European company, and does not itself supply services in the EU or do business in the EU, is at most indirectly affected by the NIS 2 Directive, through particular risk management measures.

The following 18 sectors are covered by the NIS 2 Directive:

SECTORS OF HIGH CRITICALITY (ANNEX I OF THE NIS 2 DIRECTIVE):
Energy
Transport
Banking
Financial market infrastructures
Health
Drinking water
Waste water
Digital infrastructure
ICT service management (B2B)
Public administration
Space

OTHER CRITICAL SECTORS (ANNEX II OF THE NIS 2 DIRECTIVE):
Postal and courier services
Waste management
Manufacture, production and distribution of chemicals
Production, processing and distribution of food
Manufacturing
Digital providers
Research

 

 

 

Cybersecurity as a management task 

European legislators have made it apparent through the NIS 2 Directive that they believe every company's top management should be in charge of maintaining cybersecurity and averting IT security issues. Article 20(1) of the NIS 2 Directive mandates that the "management bodies" oversee adherence to risk management protocols and, more crucially, bear personal accountability for any transgressions in this domain.

Notwithstanding any national laws governing the liability of public workers or other public authorities, public administration entities may also be subject to these consequences, as stated in Article 32(6) of the NIS 2 Directive. In this regard, it is unclear how the member states will specifically implement and set up the management liability.

 

 

 Various Cybersecurity products for operators of essential and important entities 

NIS2 DIRECTIVE REQUIREMENTS | ADVISION IT SOLUTION | HOW IT HELPS
Chapter IV, Article 20, Governance
2. Member States shall ensure that the members of the management bodies of essential and important entities are required to follow training, and shall encourage essential and important entities to offer similar training to their employees on a regular basis, in order that they gain sufficient knowledge and skills to enable them to identify risks and assess cybersecurity risk management practices and their impact on the services provided by the entity.
Vendor Sophos - Training and Certifications
Training courses and certifications to help partners and customers get the best out of Sophos security deployments; access to latest know-how and expertise for security best practices.
Vendor Sophos - Phish Threat
Provides simulated phishing cyberattacks and security awareness training for the organization’s end users. Courses cover a wide range of topics from phishing and cybersecurity overview lessons, through to data loss prevention, password protection and more.
Vendor Acronis - Security Awareness Training
Security awareness training (SAT) educates individuals within organizations to recognize and mitigate cybersecurity threats, ensuring they can protect sensitive data, comply with regulations and cyber insurance requirements, and prevent potential breaches. This is critical for enhancing an overall organizational security posture.
Vendor Acronis - Managed Security Awareness Training
Security awareness training (SAT) is essential for addressing the human factor of cybersecurity, meeting requirements set by compliance frameworks and cyber insurance mandates.
Chapter IV, Article 21, Cybersecurity risk-management measures

2. Member States shall ensure that essential and important entities take appropriate and proportionate technical, operational and organisational measures to manage the risks posed to the security of network and information systems based on:

a) policies on risk analysis and information system security;

 

Vendor Sophos - Intercept X for Workstation & Laptop
Sophos Intercept X for Server
Integrates innovative technology like deep learning, anti-exploit, and anti-adversary into malicious traffic detection with real-time threat intelligence to help prevent, detect, and remediate threats with ease across all devices and platforms.

Vendor Sophos - Firewall SECaaS Price

Vendor Sophos - Firewall Brochure

Vendor Sophos - Network Switches

Leverages Sophos’ industry-leading machine learning technology (powered by SophosLabs Intelix) to instantly identify the latest ransomware and unknown threats before they get on your network. Delivers advanced protection from the latest drive-by and targeted web malware, URL/malicious site filtering, Web Application Filtering, Cloud-based filtering for offsite protection.

Vendor Sophos - Cloud Optix SECaaS Price

Vendor Sophos - Cloud Optix (Cloud Posture Management) Case Study

Continuously monitors and detects drift in configuration standards, and prevents, detects, and automatically remediates accidental or malicious changes in resource configuration.
Vendor Sophos - Synchronized Security feature in Sophos products (Firewall, Server & Workstation (endpoint) protection, Cloud, etc.)
Shares telemetry and health status, enabling coordinated isolation, detection, and malware remediation across servers, endpoints, and firewalls – stopping advanced attacks.

Vendor Sophos - Managed Detection and Response (MDR) for Servers SECaaS Price

Vendor Sophos - Managed Detection and Response for Workstations/Laptops SECaaS Price

Vendor Sophos - Managed Detection and Response (MDR) Solution Brief

24/7 threat detection and response identifies and neutralizes advanced cyber-attacks that technology alone cannot stop.

Vendor Logsign - Unified SecOps Platform Bundle

What are the key differences between SIEM, SOAR, XDR & Logsign Unified SO Platform?
2. b) incident handling;

Vendor Sophos - Managed Detection and Response (MDR) for Servers SECaaS Price

Vendor Sophos - Managed Detection and Response for Workstations/Laptops SECaaS Price

Vendor Sophos - Managed Detection and Response (MDR) Datasheet

Continuously monitors signals from across the security environment, including network, email, firewall, identity, endpoint, and cloud technologies, enabling us to quickly and accurately detect and respond to potential cybersecurity events. Full incident response service is included as standard, providing 24/7 coverage delivered by IR experts. Includes full root cause analysis and reporting. Our average time to detect, investigate and respond is just 38 minutes.
Vendor Sophos - Rapid Response Service
Enables fast assistance, identifying and neutralizing active threats against your organization – delivered by an expert team of incident responders.
Vendor Sophos - Synchronized Security in Sophos products
Shares telemetry and health status, enabling coordinated isolation, detection, and malware remediation across servers, endpoints, and firewalls.
Vendor Acronis - XDR Solution
Advanced Security + XDR
Vendor Acronis - MDR Solution
Acronis MDR
Vendor Crowdstrike - XDR & MDR Solution
Falcon Complete Next Generation MDR
Vendor Bitdefender - XDR & MDR Solution
Bitdefender MDR Plus Datasheet
2. c) business continuity, such as backup management and disaster recovery, and crisis management;
Vendor Sophos - Managed Detection and Response (MDR)
Ensures the information security aspect of business continuity management with 24/7 detection of and response to security incidents across the IT environment, leveraging human expertise, AI, and advanced technologies.
Vendor Sophos - Intercept X
Vendor Sophos - Intercept X for Server
Integrates innovative technology like deep learning, anti-exploit, and anti-adversary into malicious traffic detection with real-time threat intelligence to help prevent, detect, and remediate threats with ease across all devices and platforms. Includes rollback to original files after a ransomware or master boot record attack. Provides forensic-level remediation by eradicating malicious code as well as eliminating nasty registry key changes created by malware.
Vendor Sophos - Cloud Optix SECaaS Price
Monitors AWS, Azure and GCP accounts for cloud storage services without backup schedules enabled and provides guided remediation.

Vendor Acronis - Backup & Disaster Recovery Cloud Solutions

Vendor Acronis - Backup & Disaster Recovery Datasheet

Acronis Cyber Protect Cloud is a unique integration of backup with full-stack next-generation anti-malware protection and comprehensive endpoint management tools. This synergy eliminates complexity, so we can protect customers better while keeping costs down.
2. d) supply chain security, including security-related aspects concerning the relationships between each entity and its direct suppliers or service providers;

Vendor Sophos - Intercept X with XDR for Laptops

Vendor Sophos - Intercept X with XDR for Servers

Provides comprehensive defense in depth against threats that get in via third-party suppliers using AI, exploit prevention, behavioral protection, anti-ransomware and more. Plus, powerful XDR functionality enables you to automatically identify suspicious activity, prioritize threat indicators, and quickly search for potential threats across your endpoint and servers.

Vendor Sophos - Managed Detection and Response (MDR) for Laptops & Workstations SECaaS Price

Vendor Sophos - Managed Detection and Response (MDR) for Servers SECaaS Price

Vendor Sophos - Managed Detection and Response (MDR) Datasheet

Delivers expert threat hunting and remediation as a fully managed service. Sophos specialists work around the clock to proactively hunt for, validate, and remediate potential supply chain threats and incidents on your behalf.
Vendor Sophos - ZTNA white paper
Safeguards against supply chain attacks that rely on supplier access to your systems via very granular access controls. This cloud-delivered solution validates user identity, and device health and compliance before granting access to resources. It authenticates requests from trusted partners, irrespective of the location.
2. e) security in network and information systems acquisition, development and maintenance, including vulnerability handling and disclosure;
Vendor Sophos - Managed Detection and Response (MDR)
Our threat-hunting experts monitor and investigate alerts from across the network, leveraging network, firewall, cloud, email, and endpoint security tools to identify and investigate suspicious activities and protect personal data wherever it resides. Sophos NDR generates high-caliber actionable signals across the network infrastructure to optimize cyber defenses. Sophos MDR proactively responds to vulnerability disclosure by the client. On notification, a full investigation is initiated that looks for signs of exploitation. If necessary, Sophos MDR will remediate the incident and provide guidance on how to harden the environment against future exploitation. A full human-authored report is provided in response to the disclosure investigation.
Vendor Acronis - Vulnerability Assessment and Patch Management
Acronis Vulnerability Assessment and Patch Management with support for Microsoft.
Vendor Flexera - Vulnerability Management
Enterprise class of Vulnerability and Patch Management Solution for big enterprises with 3rd party integrations

Vendor Vicarius - Vulnerability Management Whitepaper

Vendor Vicarius - Unique Value Points - vRx Platform

Enterprise class of Vulnerability and Patch Management Solution with support of Microsoft, Linux, MacOS
2. f) policies and procedures to assess the effectiveness of cybersecurity risk-management measures;
Vendor Sophos - Managed Detection and Response (MDR)
Investigates and assesses potential security risks across the full environment 24/7, leveraging world-leading threat intelligence from Sophos X-Ops to identify risk levels and prioritize response.
2. g) basic cyber hygiene practices and cybersecurity training;
Vendor Sophos - Training and Certifications
Training courses and certifications to help partners and customers get the best out of Sophos security deployments; access to latest know-how and expertise for security best practices.
Vendor Sophos - Phish Threat
Provides simulated phishing cyberattacks and security awareness training for the organization’s end users. Courses cover a wide range of topics from phishing and cybersecurity overview lessons, through to data loss prevention, password protection and more.
2. h) policies and procedures regarding the use of cryptography and, where appropriate, encryption;
Vendor Sophos - Central Device Encryption
Protect devices and data with full disk encryption for Windows and macOS. Verify device encryption status and demonstrate compliance.
Microsoft - Technological Stack of Solutions
Protection of devices and data with full disk encryption managed by Microsoft Cloud
Vendor Acronis - Cyberprotected Backup
To protect business-critical data, backup is not enough – clients need the integrated approach of cyber protection. The Advanced Backup pack for Acronis Cyber Protect Cloud enables you to extend the cloud backup capabilities your clients require to proactively protect their data.

Vendor Sophos - Email datasheet

Vendor Sophos - Email solution brief
Vendor Sophos - Next Generation Firewall

Offers TLS encryption and support for SMTP/S along with full push-based, and optional pull-based portal encryption.
Vendor Sophos - Mobile
Enforces device encryption and monitors compliance relative to encryption policy.
2. i) human resources security, access control policies and asset management;
Vendor Sophos - Managed Detection and Response (MDR)
Threat-hunting experts monitor and correlate information system activity across the full IT security environment, identifying and investigating suspicious activities by regularly reviewing records of information system activity, such as audit logs, access logs, access reports, and security incident tracking reports.
Vendor Sophos - Next Generation Firewall
User awareness across all areas of our firewall governs all firewall policies and reporting, giving user-level controls over applications, bandwidth, and other network resources.
Vendor Sophos - Sophos Central
Keeps access lists and user privileges information up to date. Procedures are in place to ensure that access rights are revoked if individuals no longer meet the conditions to receive access (e.g., because they change position or leave the company).
Vendor Sophos - Sophos ZTNA
Enables better security and more agility in quickly changing environments by making it quick and easy to enroll or decommission users and devices. Continuously validates user identity, device health, and compliance before granting access to applications and data.
Vendor Sophos - Cloud Optix SECaaS Price
Inventory management across multiple-cloud providers with continuous asset monitoring and complete network topology and traffic visualization.
Vendor Acronis - Software Inventory
The Advanced Management pack of Acronis adds automation via patch management and scripting and a complete toolkit for endpoint monitoring and management.
2. j) the use of multi-factor authentication or continuous authentication solutions, secured voice, video and text communications and secured emergency communication systems within the entity, where appropriate
Vendor Sophos - Next Generation Firewall
Supports flexible multi-factor authentication options including directory services for access to key system areas.
Vendor Sophos - Sophos ZTNA
Continuously validates user identity, device health, and compliance before granting access to applications and data.
Vendor Sophos - Sophos Central
Protects privileged and administrator accounts with advanced two-factor authentication.
Vendor Sophos - Cloud Optix SECaaS Price
Monitors AWS/Azure/GCP accounts for Root user and IAM user access with MFA disabled so you can address and ensure compliance.

Chapter IV, Article 23, Reporting obligations

4. Member States shall ensure that, for the purpose of notification under paragraph 1, the entities concerned submit to the CSIRT or, where applicable, the competent authority:


d) a final report not later than one month after the submission of the incident notification under point (b), including the following:
(i) a detailed description of the incident, including its severity and impact;

 

 

Vendor Sophos - Managed Detection and Response (MDR)

On notification, a full investigation is initiated that looks for signs of exploitation. If necessary, Sophos MDR will remediate the incident and provide guidance on how to harden the environment against future exploitation. A full human-authored report is provided in response to the disclosure investigation.

Vendor Logsign - SecOps Platform Datasheet

Vendor Logsign - Unified SecOps Platform Bundle

Logsign SIEM/SOAR solution with reporting capabilities for medium and enterprise type of business. On-premises type of solution.

Vendor Logpoint - SIEM&SOAR Solution with UEBA capabilities 

Logpoint SIEM/SOAR solution with reporting capabilities for medium and enterprise type of business. SaaS/Cloud type of solution.

4. Member States shall ensure that, for the purpose of notification under paragraph 1, the entities concerned submit to the CSIRT or, where applicable, the competent authority:

d) a final report not later than one month after the submission of the incident notification under point (b), including the following:

(ii) the type of threat or root cause that is likely to have triggered the incident;

 

 

Vendor Sophos - Managed Detection and Response (MDR)
Sophos MDR investigates and assesses potential security risks across the full environment 24/7, leveraging world-leading threat intelligence from Sophos X-Ops. Full root cause analysis by Sophos MDR enables the environment to be hardened and response plans and strategies to be updated to incorporate learnings.
Vendor Sophos - Sophos XDR
Goes beyond the endpoint, pulling in rich network, email, cloud and mobile data sources to give you an even broader picture of your cybersecurity posture with the ability to drill down into granular detail when needed. With data from each product flowing into the Sophos Data Lake, you can quickly answer business critical questions, correlate events from different data sources and take even more informed action. For example, you can cross-reference against network information to get a broader view of an incident or what happened to devices that were knocked offline in an attack.

Vendor Logsign - SecOps Platform Datasheet

Vendor Logsign - Unified SecOps Platform Bundle

Logsign SIEM/SOAR solution with reporting capabilities for medium and enterprise type of business. On-premises type of solution.

Vendor Logpoint - SIEM&SOAR Solution with UEBA capabilities 

Vendor Logpoint - Cyberdefense Platform 

Logpoint SIEM/SOAR solution with reporting capabilities for medium and enterprise type of business. SaaS/Cloud type of solution.

 

 

 

  ADVANCED VISION IT - LUXEMBOURG      

Advanced Vision IT (Luxembourg) S.à r.l.-S
Address: 122 rue de Rollingergrund, L-2440 Luxembourg, Grand Duchy of Luxembourg
RCS No: B278174,  Business permit No: 10154740/0, VAT: LU34980131
Phone: +352 621 424 284, Email: office@advisionit.lu    
 
  ADVANCED VISION IT - BULGARIA      

Advanced Vision IT LTD

Address: 35 Dimitar Hadzhikotsev str. Ent A, Lozenets, Sofia, Bulgaria
ID No: 205789039, VAT No: BG205789039
Phone: +359 888 258 530, Email: office@advisionit.com