NIS2 #2: Blocking websites
Find out how to meet the most important requirements in a few simple steps
NIS2 in a nutshell
We’re back with another dose of information on NIS2. Today we’ll discuss the key security standards the directive entails and provide specific solutions to help your entity comply with the new regulations. Learn how to increase security, avoid penalties and ensure compliance with the new regulations!
NIS2 and applicable security standards
The NIS2 directive requires compliance with certain security standards, which are in line with international standards such as ISO/IEC 27001 and IEC 62443. Implementing these standards ensures full risk management, information protection and NIS2 compliance. ISO/IEC 27001 is an international information security management standard that will help you protect sensitive data, while IEC 62443 is a standard that focuses on protecting industrial automation systems. Meeting these standards not only minimizes the risk of cyber threats, but also facilitates compliance with NIS2 requirements.
How to meet NIS2 requirements with eAuditor?
Blocking websites
USE CASE
Following the implementation of the NIS2 directive’s provisions in the organization, it became necessary to control the websites visited by employees and block specific unsafe addresses. The NIS2 Directive calls for specific protective measures against accidental visits by employees to potentially dangerous sites or sites with unauthorized or unknown content. This corresponds to the requirements of Article 23 of the directive for detecting and eliminating risks associated with access to malicious websites. To this end, the organization decided to implement the eAuditor solution.
- A system agent was installed on the computers.
- An agent configuration that enables web monitoring and blocks specific web addresses was pushed to the computers.
This allowed the organization to monitor and control the websites visited by all employees and to block them.
In this way, the organization raised its security standards in line with the rules of the NIS2 directive.
Learn more about eAuditor website blocking: https://www.eauditor.eu/blokowanie-stron-www-i-uruchamianych-procesow/
NIS2 – Answers to your questions
Q&A section
Because we have received numerous questions about NIS2, we have prepared a comprehensive list in which we address the most pressing issues related to the directive.
Question 1: Does the implementation of NIS2 require major changes to the existing IT infrastructure?
Implementing NIS2 may require adapting the existing IT infrastructure, but this does not always mean a full systems upgrade. It is important to make sure the current infrastructure meets the requirements for risk management, incident monitoring and technical safeguards. Solutions such as the eAuditor system can support the implementation of appropriate tools without extensive changes, adapting to the needs and capabilities of many entities.
Question 2: What risks are most common in NIS2 non-compliant entities?
Entities not compliant with NIS2 standards are more vulnerable to cyber attacks such as ransomware, data leaks and unauthorized access to systems. Lack of incident reporting and risk management can also lead to significant financial losses.
Question 3: Does NIS2 only apply to large companies?
No, NIS2 applies to both large and medium-sized entities in critical sectors such as energy, health, transportation, finance or digital infrastructure. Regardless of size, if your entity operates in a critical sector, you are required to comply with the directive’s requirements.
NIS2 Essentials – useful links and resources
Want to learn more about NIS2 and the regulations that may affect your entity? We’ve put together the most important resources for you to help you better understand the upcoming changes.
- EU Parliament and Council Directive 2022/2025: Read the official NIS2 document
- The latest information about NIS2 on Biznes.gov.pl: Check what obligations you have to meet
- Directory of BTC systems that will help you comply with the NIS2 directive: https://www.eauditor.eu/dyrektywa-nis2-odpowiedz-unii-europejskiej-na-rosnace-cyberzagrozenia/
- Law on National Cyber Security System: https://isap.sejm.gov.pl/isap.nsf/download.xsp/WDU20180001560/U/D20181560Lj.pdf