Back ZIUR updates Urola Kosta companies on NIS2
ZIUR updates Urola Kosta companies on NIS2
The webinar given together with the Urola Kosta Agency was aimed at managers and IT professionals
ZIUR has given a cybersecurity webinar together with the Urola Kosta Development Agency, with the aim of raising awareness among the ten professionals who have connected about the risks, both cyber and business, arising from non-compliance with the obligations imposed by the European NIS2 directive. Under the title "NIS2: Keys and tools for compliance with the new European directive on cybersecurity", representatives of companies in this region, especially managers and IT managers, have been able to delve deeper into the new cybersecurity regulations that will affect their companies.
In the first part of the workshop, the director of the Foundation, María Penilla, has presented the state of the art of Operational Technology (OT) environments, to raise awareness about the importance of dealing with computer security in production systems. In this sense, she has stated that "connected OT environment devices, Internet of Things (IoT) devices, and connected medical devices (IoMT), are increasingly targets for cyberattacks." “In 2023, 1,500 vulnerabilities have been reported to the Cybersecurity and Infrastructure Security Agency (CISA) in relation to these devices; 23% of OT vulnerabilities received a score, according to the Common Vulnerability Scoring System (CVSS) scale, of 9.0 out of 10 or even higher," she warned.
After the introduction, Penilla presented the new cybersecurity regulations, with NIS2 as the protagonist due to its recent entry into force on October 1. In this sense, the expert has addressed different aspects of this directive, which aims to unify cybersecurity practices among the Member States of the European Union.
Among other aspects, she has contextualized the new regulation by referring to its predecessor NIS and has mentioned the changes and obligations it contemplates, as well as a list of measures and technologies to help these companies with their implementation. In addition, she has recalled the sectors of application, the deadlines and sanctions for non-compliance and has made a mention of other relevant cybersecurity regulations such as the Cyber Resilience Act (CRA).
Finally, Penilla has presented ZIUR's new AI tool for queries on NIS2, 'ADI' NIS2', a virtual assistant always available to answer questions about regulations, such as how to implement security measures. The director of ZIUR closed the session with a list of grants for improving companies' cybersecurity.