The NIS2 Directive – the threat can come from inside your network.

Nowadays, digital services are essential for appropriate cooperation between customers, companies, and institutions. The digital market gave great opportunities for information exchange, trade, and cooperation. Unfortunately, growth contributes to new problems arising: the unavailability of key digital services that underpin the operation of enterprises, personal data leaks, confidential information leaks, as well as cyber-attacks, the main purpose of which may be extortion, ransom, or destabilization.

NIS Directive turns out to be insufficient due to shortness in requirements and exclusion of some relevant sectors of the economy. The more comprehensive tool to help counter the risk will be the NIS2 Directive, proposed by the European Commission as an amendment to the already existing EU law on digital security. Its scope was extended compared to the NIS directive and now includes public administration, digital service providers, trust service providers; food producers; electronics producing entities; car manufacturing entities; and postal and courier services.

The Human is the weakest link in Cybersecurity, those words are frequently repeated by specialists. Therefore, the key role of IT departments is the anticipation of what can happen, all for that to cover those security holes. To protect the company various security systems are implemented which are responsible for restraining users and responding to threats. A common trend is to choose at first solutions which defend against outside threats for example firewall or antivirus, forgetting that threats can come from inside our network directly from employees. We do not mean deliberate action by a dissatisfied employee. A security incident often occurs because of reckless action or negligence. That’s why it is so important to protect the company network from the inside, to have the knowledge of what devices are connected to the company network, who is behind those devices, and to reject unknown devices from it. By not controlling access to the network, we run the risk that an infected or vulnerable device may be connected, which may lead to serious consequences. By not using Network Access Control System we can’t act automatically when the threat occurs. So, what if the firewall or antivirus system detects a threat on the computer if it remains in the corporate network for several minutes, hours, or even days, causing infection of other devices working in the corporate network. The Network Access Control system's goal is not only to enforce policy on devices that access networks but also a reaction to information received from third-party solutions. In a situation when a firewall or anti-virus detects a threat on a computer, the NAC system will quarantine such a device from the network almost immediately, preventing the threat from spreading to the entire corporate network.

Therefore, when we think about the security of a company, institution or the entire country, a holistic and comprehensive approach that does not neglect any of its elements is very important. In today’s world of cyberattacks and data breaches, trusting a single antivirus tool or firewall is not enough to protect your enterprise’s infrastructure and systems.

All posts