Globeteam
NIS2 implementation
Feel free to contact me if you want to hear more
- Morten Eeg Ejrnæs Nielsen
- men@globeteam.com
- +45 2972 4610
Get expert help with your NIS2 implementation
Globeteam’s array of cross-sectoral NIS2 security services encompass everything from strategic risk analysis to technical setup, implementation of security solutions and application security.
Compliance is always the hardest, most expensive and time-consuming part of an implementation, and it often needs to be done when you are trying to catch up with development. Globeteam can help with your NIS2 implementation so you can rest assured that you will be fully compliant.
For suppliers and operators of key services, NIS2 will become an exercise in creating a holistic view of the core business, answering questions such as: which of our IT support processes ensure our deliverables? Which systems do we use and how are they protected? Which sub-suppliers and partners do we work with and how are their systems protected? What is our contingency plan in case of a breakdown? These are some of the risk scenarios that need to be set out as part of an NIS2 implementation.
In this video Morten Eeg Ejrnæs Nielsen explains how we at Globeteam can help your company become NIS2 compliant.
Globeteam delivers a cross-sectoral NIS2 implementation
An NIS2 implementation will consist of many tasks, all involving different departments and requiring contributions from parties such as lawyers, the IT department and heads of business. Instead of executing and communicating in silos, Globeteam ties the entire NIS2 project together so that you’ll reach your objective in a faster and more cost-effective way. This means that you avoid overlapping deliveries, and have a well thought out security model where all aspects of NIS2 are under control.
Globeteam is one of the few consultancy firms in Denmark to cover all the strategic and technical security disciplines of an NIS2 implementation:
- We have a business unit that works with strategic risk management, uncovering vulnerabilities, prioritising efforts, and creating roadmaps for future development, among other things. A risk-based approach to NIS2 starts with the areas of your business that carry the greatest risks. In the context of key services, we focus on how your most important systems can be rebuilt, how you can minimise any harmful effects, and how you can quickly get back to normal operations.
- We have a business unit with extensive knowledge of operational security in IT and production environments that support many business processes. There are many businesses involved in the production and delivery of key services and goods, and their respective value chains. NIS2 will mean any systems that form part of the production environment are subject to completely new security requirements. In future, the OT environment must be secured to the same standards as the rest of the IT infrastructure.
- We have a business unit that can implement security right across an application portfolio. In future, NIS2 will set high standards in terms of securing user accesses, roles and rights; both internally and for suppliers and partners.
NIS2 readiness assessments and extended analyses
For the analytical and technical part of the NIS2 work, we use many well-known methods and security tools as well as ones that we have developed ourselves.
We provide readiness assessments, looking into which systems will need to be secured in accordance with the new set of rules in NIS2. We make a list of priorities and integrate them into a roadmap. We can also carry out an extended analysis where we create an overview of your overall security architecture, surveillance capability, level of preparedness and supplier conditions.
We can use our NIS2 Assessment Tool – GLOBE-AT NIS2 – to make an initial assessment of your maturity level. GLOBE-AT NIS2 is a free questionnaire-based tool completed online. After you have filled in the questionnaire, we develop a mini report that we send to you. The report sets out your maturity level, plotting your results into a diagram.
NIS2 in a Zero Trust context
Many of the increased requirements of NIS2 are in line with the security principles of Zero Trust. There is a high level of complexity involved in managing data and systems across on-premise, cloud and hybrid IT. This, along with flexible ways of working and a growing number of units, means that Zero Trust is Globeteam’s recommendation for a security architecture fit to support both external legal requirements and internal business needs.
We work with the Zero Trust principles deep within your system landscape, meaning you have control over who can access what and under which circumstances. We can often achieve a lot by cleverly re-using the existing security solutions and adjusting them in accordance with NIS2 requirements.
In the following videos, Jesper Hanno Hansen explains how we use the Zero Trust principles in our work with NIS2 and Christoffer Meier gives an insight into how we ensure that application environments and software solutions are NIS2 compliant.
Strategic deliveries and technical know-how
One of our great strengths here at Globeteam, apart from our outstanding strategic deliveries, is that we can also help with technical implementation of any security solutions that may be required to secure compliance.
Instead of having different suppliers connecting your NIS2 plan across solutions and processes, you can have one advisor from Globeteam managing all disciplines. When we are involved with an NIS2 project, we establish a common understanding of the task and communicate it in a common language so that management can more easily steer the company through the project.