December 16, 2015
Guest blog post by Nick Coleman, Global Head Cyber Intelligence at IBM .
Cybersecurity attacks on vital network infrastructures pose a growing threat in Europe and around the world. Governments and the private sector need to be better prepared.
The finalisation of the Network and Information Security (NIS) Directive is therefore a real step forward for cybersecurity in the European Union (EU). For the first time network and information systems throughout the EU will benefit from a graded and harmonised approach to cybersecurity. The directive will help improve Member State cybersecurity capacity.
The public consultation process – since the directive was first proposed by the European Commission in February 2013 – has succeeded in greatly tightening the focus and the effectiveness of the initiative. The agreed text now provides a solid basis for collaboration between governments; it rightly concentrates on highly critical infrastructures and networks such as power grids, financial and transportation systems and it allows for continued investment in private-sector R&D.
For example, the directive’s risk-based approach makes a clear distinction between digital services and critical infrastructures, thus allowing national authorities and critical infrastructure operators to better prioritise their efforts. This ensures that Europe will be well prepared to deal with threats and to focus efforts on those infrastructures which carry the most socio-economic risk.
Similarly, the directive establishes a series of graded thresholds for reporting cyber incidents. Such an approach is appropriate and will improve responses to genuine cyber threats.
As one of Europe and the world’s leading digital services providers, IBM will be actively supporting the implementation of the NIS Directive with our clients.
Of course, while the NIS Directive is an important milestone, it is not the end of the cybersecurity journey. And all organisations – not just critical infrastructure operators – need to be vigilant.
Building an ecosystem of protection with a focus of sharing threat intelligence information is something which the emerging landscape rightly focuses on. For our part to support industry, government and other partners, IBM launched the X-Force Exchange platform that allows cybersecurity experts to access a vast database of cyber threat data and share insight into the latest attacks.
Intelligence rightly drives a lot of the understanding where to focus efforts and ensure resilience is built in, as well as where to monitor. And through the X-force 2015 report we highlighted the top four cyber threat trends of 2015 and a lot more besides in the report: http://ibm.co/1OJkd8N
By successfully implementing the NIS Directive, the EU can provide the consumer trust and security that are the building blocks of the nascent Digital Single Market.Blogactiv Team