NIS2 – Network and Information System 2

 

On the basis of Article 89 of the Constitution of the Republic of Croatia, the Croatian Parliament adopted the Law on Cybersecurity at its meeting on January 26, 2024. The legislation was created based on the NIS2 EU directive. Companies subject to the law must apply risk management and administrative, physical, and logical cyber security measures commensurate with the risks in order to comply. The company or its manager that does not comply with the law may be banned from operating and may be fined up to 10 million euros or 2 percent of its annual global turnover.

The law applies to:

  • Companies with more than 50 employees
  • Companies with an annual revenue of more than 10 million euros

Sectors

NIS2 Timeline:

How can ITOP ITSM system help your organization?

In accordance with the law, the company must have accurate records of its entire infrastructure, which the ITOP Cmdb can fulfill:

  • Physical and virtual devices, clients, phones, all devices that run an active configuration and can access business data and systems.
  • Registration of protection devices: firewalls, gateways, spam filters, etc.
  • Network elements: ethernet switches, SAN switches, routers, etc.
  • Storage: Fc, Ethernet, etc.
  • Data Centers, rack cabinets
  • IP addresses
  • Software versions
  • Licenses
  • Certificates
  • Dependencies between devices, if one of them fails, then what does not work without it

 

ITOP Service management, part of it, helps with the following legal conditions:

  • Risk management
  • Services
  • Contracts, maintenance, protection, operation, etc.

 

The legislation states that it is not a problem if you are attacked, but it is if you do not report it to the Supervisor.

The ITOP helpdesk module is perfect for recording this

  • Incident management

 

ITOP Change management.

  • Supports tracking software and configuration versions , and devices with active configuration

 

How we can help in Cyber Defense:

Our company’s engineers and managers have several decades of experience in the planning, design and operation of infrastructure and cyber protection systems for banks and other large companies.

 We have already passed several Hungarian National Bank and Hunguard audits and obtained certificates.

 

Compliance with the NIS2 legislation requires a comprehensive survey on our part, where we highlight the shortcomings and then develop them in a cost-effective way.

ITSM