The Network and Information Security (NIS) Directive is the cybersecurity legislation across the European Union. Its main goal is to achieve a consistent and high level of cybersecurity among all Member States.
NIS2 refers to the second iteration of the Network and Information Security Directive. It is an updated legislation aimed at enhancing cybersecurity measures within the European Union. NIS2 seeks to strengthen the protection of critical infrastructure, promote incident reporting, and improve cooperation among Member States to mitigate cyber threats.
Member States are required to adopt a national cybersecurity strategy defining the strategic objectives and appropriate policy and regulatory measures with a view to achieving and maintaining a high level of cybersecurity.
The Directive also establishes a framework for Coordinated Vulnerability Disclosure and requires Member States to designate Computer Security Incident Response Teams (CSIRTs) to act as trusted intermediaries and facilitate the interaction between the reporting entities and the manufacturers or providers of ICT products and ICT services. ENISA is required to develop and maintain a European vulnerability registry for the discovered vulnerabilities.
Member States are required to put in place National Cybersecurity Crisis Management Frameworks, inter alia by designating national competent authorities responsible for the management of large-scale cybersecurity incidents and crises.
Member States are also required to designate one or more national competent authorities on cybersecurity for the supervisory tasks under this Directive and a national single point of contact on cybersecurity (SPOC) to exercise a liaison function to ensure cross-border cooperation of Member State authorities. Member States are also required to designate CSIRTs.
Each Member State shall adopt a national cybersecurity strategy defining the strategic objectives and appropriate policy and regulatory measures, with a view to achieving and maintaining a high level of cybersecurity.
Art. 5: National cybersecurity strategy
Any of the Soliton Products perfectly fits into IT security frameworks. Depending on the type of framework one or more required items are fulfilled with G/On.
Any of the Soliton Products perfectly fits into IT security frameworks. Depending on the type of framework one or more required items are fulfilled with MailZen.
Any of the Soliton Products perfectly fits into IT security frameworks. Depending on the type of framework one or more required items are fulfilled with NetAttest EPS.
Member States shall ensure that essential and important entities shall take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems which those entities use in the provision of their services. Having regard to the state of the art, those measures shall ensure a level of security of network and information systems appropriate to the risk presented.
Article 18: Cybersecurity risk management measures
(d) supply chain security including security-related aspects concerning the relationships between each entity and its suppliers or service providers such as providers of data storage and processing services or managed security services;
(e) security in network and information systems acquisition, development and maintenance, including vulnerability handling and disclosure;
(g) the use of cryptography and encryption.
MailZen is a product that also shields internet facing applications from being visible from the internet. Ensuring protection from current and future vulnerabilities in for example On-Prem Exchange.
By prioritizing network protection against unauthorized access, MailZen guarantees complete encryption between end-users and the infrastructure that hosts the necessary application.
Whereas other products ensure the data integrity and potential vulnerabilities. NetAttest EPS takes of the risks introduced by the end-user. The goal is to remove or reduce the end-user interaction in the Security authentication Proces. By establishing certificate based network authentication