With all the attention on GDPR, don't forget about the NIS Directive
Martin Coles
Head of Client Acquisition at ROC Technologies. Father of four boys, love taking the dog on country walks and visiting Cyprus.
There are probably very few people who haven't heard of GDPR or don't know the basics of the regulation, but how many have made sufficient plans to ensure their organisation or business is ready for the NIS Directive?
NIS, or the Network and Information Security Directive, is another EU law that all EU member countries have adopted since the spring of 2016 and which becomes law in May 2018. It also applies to non-EU-based businesses that transact with EU citizens. The key thing is to know whether your company or organisation is classed as an "operator of essential services", which could mean anything from providers of energy, transport and financial services to other core infrastructure services.
The NIS Directive will impose new network and information security requirements, and yesterday the UK government launched a consultation aimed at determining how best to implement the new directive. It has said that firms found guilty of failing to protect themselves from cyber attacks could face fines of up to £17 million or 4% of global turnover. The consequences are severe and shouldn't be ignored.