NIS2 is an upcoming directive of the European Union on the security of networks and information systems. It is a part of a broader European initiative to significantly improve cybersecurity across a wide variety of organizations and industries. NIS2 is coming into force this autumn, affecting thousands of organizations in each EU member country. We had a closer look at the NIS2 directive in a special webinar and explained how midPoint can help with compliance.
The webinar was led by three speakers who presented three perspectives on NIS2 and midPoint. Peter Pištek from Securedo presented the viewpoint of an independent cybersecurity auditor and researcher. He introduced the scope and depth of the NIS2 regulation, illustrating the expected impact on European organizations. Radovan Semančík from Evolveum described how midPoint can help with NIS2 compliance, including the planned improvements and documentation enhancements that are underway. Martin Handl from Inalogy presented from the viewpoint of a midPoint deployment engineer, demonstrating midPoint’s functionality that can help with NIS2 compliance.
Take a look at the presentation or watch the recording:
NIS2 is an EU directive, therefore it is somehow vague on technical details. However, it sets a clear direction, referencing cybersecurity best practices and international standards. This is well aligned with Evolveum’s initiative to document compliance frameworks revelant for identity and access management, beginning with the ISO 27000 series. Contrary to the bold marketing claims across the industry, no product can be NIS2 compliant or guarantee NIS2 compliance. Only an organization can be compliant, not a product. However, midPoint is ready to help organizations reach compliance, and we are working hard on improving the product, as well as documenting the features and configuration relevant for cybersecurity compliance. Further results of this initiative will be presented in the ISO 27000 webinar on May 30th. Stay tuned.