The Directive on Security of Network and Information Systems (NIS Directive) aims to achieve a high common level of network and information systems security across the European Union. NIS will improve cyber security capabilities at the national level; increase cooperation on cyber security among EU member states; and introduce security measures & incident reporting obligations for operators of essential services (OESs) in critical national infrastructure and digital service providers (DSPs). In addition to this, financial institutes [being one of these operators of essential services] are subjected to the revised Payment Services Directive, effective from 13 January 2018. The PSD2 aims in particular at ensuring that all payment services offered electronically are carried out in a secure manner, adopting technologies able to guarantee the safe authentication of the user and to reduce, to the maximum extent possible, the risk of fraud.
You are invited to join LSEC and dive deeper into these Directives that [will] have a huge impact on Member State Governments, Critical Infrastructure Operators and suppliers of Cyber Security Products & Services. Free access for Governmental organizations, Critical Infra Operators and LSEC Members, click here to register
The Impact of the NIS Directive
On Member State governments:
Member States themselves are required to be appropriately equipped, e.g. via a Computer Security Incident Response Team (CSIRT) and a competent national NIS authority. They must take part in cross border activities and join a cooperation group to ensure cooperation among all the Member States, to support and facilitate strategic cooperation and the exchange of information. They will also need to set a CSIRT Network, in order to promote swift and effective operational cooperation on specific cybersecurity incidents and sharing information about risks. In addition to this, each Member State must identify the businesses in sectors that are vital for our economy and society and moreover rely heavily on ICTs and ensure that they take appropriate security measures and notify serious incidents to the relevant national authority. They are required to set their own national rules on financial penalties and must take the measures necessary to ensure that they are implemented. [It is likely that Member States will implement tough penalties similar to that of the GDPR].
On operators of essential services and digital service providers
The NIS Directive will introduce security measures and incident reporting obligations to these entities including financial penalties if these obligations are not met. They must take appropriate technical and organizational measures to secure their network and information systems; Take into account the latest developments and consider the potential risks facing the systems; Take appropriate measures to prevent and minimize the impact of security incidents to ensure service continuity; and notify the relevant supervisory authority of any security incident having a significant impact on service continuity without undue delay.
• Implementation of the NIS Directive, by Member State representatives
• Key learnings from Critical Infrastructure Operators, keynotes & panel discussions
• Preventive measures, active monitoring and breach notification
• Open Banking Revolutions & PSD2 RTS Security Challenges
• Breach notification as part of your Incident Response Plan & Operations, by Resilience - an IBM Company
• Ulrich Seldeslachts, CEO of LSEC
Ulrich Seldeslachts is executive director of LSEC.eu, a not for profit industry association focused on Cyber Security and Data Protection in Europe, based in Belgium and with operations in the Netherlands, UK and Germany. As a spinoff of KU Leuven university, LSEC is a thought leader on Cyber Security since 2002. LSEC is actively involved in initiatives and collaboration projects in data protection, Cyber Threat Intelligence (CTI), Insider Threats, , Cyber Security Market Analysis, Industrial Cyber Security and targeting Organized Crime and Terrorist Networks from a Cyber Crime perspective. LSEC has been a contributing partner to the European Network and Information Security Directive (NIS) in the WG3 on secure ICT research and innovation, and has been a local awareness informer in UK, Luxemburg, France, the Netherlands and Belgium.
• Pepijn Janssen, Founder & CTO at RedSocks
At the start of the millennium Pepijn was recruited by the Cyber Crime unit of the National Police Agency while still doing his computer sciences studies. 4 years later he joined the High Tech Crime Center of Europol to combat Cyber Crime on a larger scale. From 2008 he worked as independent consultant in the areas IP-interception and botnet monitoring. He founded RedSocks in 2012.
Level of Expertise: Advanced
Free entrance for :
• Enterprise CISO’s / Security Managers
• Critical Infrastructure Operators
- Banking and financial market infrastructures;
- Digital infrastructure.
• NIS Directive "Significant Market Operators"
- cloud & data center operators
- internet and telecom services providers
• Government / CERTS / CSIRTs
• ISAC Members
• LSEC Expert Members
Restricted entrance for:
• Companies that are offering Cyber Security Services and / or products [ and that are not a LSEC member]. Limited tickets are available; the ticket fee is EUR 350
You may confirm your participation via the event registration page