Ann Keefe, Regional Director, UK & Ireland at Kingston Technology technical and organisational measures, companies must regularly assess and manage the cybersecurity risks within their supply chains, addressing potential vulnerabilities introduced by third-party vendors, suppliers and service providers.
NIS2 also introduces greater accountability for senior management. Company executives can face sanctions for non-compliance, incentivising businesses to prioritise cybersecurity at the highest levels of decision-making. In addition, the directive expands the list of sectors that must comply with its rules, ensuring that even more organisations adopt robust cybersecurity practices.
Taking a layered protection approach
For businesses, NIS2 presents both a challenge and an opportunity. While the increased regulatory demands have required – and will continue to require – time and money on preventative action and solutions, the directive will ultimately help companies strengthen their defences against cyberattacks.
Many CISOs will now have plans underway to ensure compliance, particularly when it comes to data integrity. The strict reporting requirements of the new regulations require that companies put in place measures such as encryption to maintain that level of integrity and create a barrier against breaches. Encryption, which ensures that data cannot be altered without detection, provides a strong basis for protecting data while it is in transit, however, the most important step that can be taken by CISOs if they want to ensure an extra layer of security is by using hardware encrypted external drives.
Hardware-encrypted external drives play a key role in mitigating vulnerabilities associated with storing sensitive data locally, such as on laptops or desktops. These drives integrate built-in encryption
38 WWW. INTELLIGENTCISO. COM