The European Union's Network and Information Systems Directive (NIS2) has set a new standard in cybersecurity regulation, bringing significant changes to the responsibilities of both EU member states and private sector organizations. To achieve compliance, companies must not only adapt their cybersecurity protocols but also consider the role of insurance solutions.
Ádám Kalina, Deputy Commercial Director - Chief Underwriting Officer of our Hungarian branch, summarized how NIS2 is reshaping business operations and how cyber and D&O insurance can play a crucial role in achieving compliance.
“NIS2 presents a formidable compliance challenge but also an opportunity to elevate cybersecurity standards. By increasing accountability at the executive level, the directive promotes a culture of proactive cybersecurity. Cyber and D&O insurance can support companies by managing the financial risks associated with cybersecurity incidents, enabling them to pursue sustainable compliance and resilience in an increasingly digital landscape.”
Key changes and impacts of the NIS2 directive
- NIS2 demands a risk-based approach, requiring ongoing security controls and regular audits.
- NIS2 mandates that top executives become directly involved in cybersecurity strategies and incident response.
- With NIS2, companies must report cybersecurity incidents to relevant authorities without delay, enhancing EU-wide cooperation and accelerating response times.
Compliance strategies
Organizations should routinely assess vulnerabilities and ensure the necessary protections are in place. Network monitoring and security technology updates are key to maintaining compliance. Continuous education and training for executives and employees are critical to maintaining cybersecurity awareness and readiness for NIS2’s specific demands.
Using cyber and D&O insurance in risk management and cybersecurity strategies can help companies reduce their financial exposure.
How risks can be managed by Cyber and Directors & Officers (D&O) insurance:
- Cyber insurance covers various costs related to managing cyberattacks and incident recovery, which have become even more crucial under NIS2’s heightened standards.
- D&O insurance helps protect leaders against litigation and other claims related to cybersecurity failures.