NIS DIRECTIVE

Header Title
MAKE SURE YOUR COMPANY IS CYBER COMPLIANT With THE EUROPEAN NIS DIRECTIVE

Transposed into LAW no. 362/2018

section 1
Assess the level of compliance with the European NIS Directive. Ensure the services your company provides as OES or DSP meet the regulatory requirements.
We are dedicated in helping you achieve and demonstrate compliance by working together to increase your cyber resilience and strengthen your security posture. &nbsp

Regulatory compliance assessment against the principles of the NIS Directive

Consulting services helping you respond to the requirements needed to achieve compliance

Services delivered by experienced certified NIS auditors accredited by CERT-RO

Alignment and interconnection with CERT-RO cooperation services

Real-time 24/7 security incident response through our own CSIRT team

NIS DIRECTIVE REQUIREMENTS FOR OPERATORS OF ESSENTIAL SERVICES

The NIS Directive requires a set of measures that are to be implemented in terms of network and information security, starting with the 17th of November 2020. These measures are mandatory for digital service providers (DSPs) that provide IXP, DNS and TLD services and for operators of essential services (OES) in the following sectors:

why choose us left dark
ABOUT NIS DIRECTIVE - LAW no. 362/2018

Starting 12 of January 2019, the NIS Directive (EU Directive 2016/1148 of the European Parliament and of the Council of 6th July 2016) has been passed into national law no. 362/2018 by Romanian Parliament, in order to achieve a high common standard of network and information security across all Union member states that provide essential services for society.

As services rely more and more on IT network infrastructures, these measures aim to strengthen the level of preparedness of EU states in front of cyber security threats, thus leveraging the general trust in the Digital Single Market.

The NIS Directive therefore is an essential European regulation that ensures the sustainability of the new digital economy. Through Law no. 362/2018, the National Incident Response Center of Cyber Security ("CERT-RO") has been designated as the national competent authority for security of networks and information systems in accordance with the EU NIS Directive.

why choose us left dark
ABOUT NIS DIRECTIVE - LAW no. 362/2018

Starting 12 of January 2019, the NIS Directive (EU Directive 2016/1148 of the European Parliament and of the Council of 6th July 2016) has been passed into national law no. 362/2018 by Romanian Parliament, in order to achieve a high common standard of network and information security across all Union member states that provide essential services for society.

As services rely more and more on IT network infrastructures, these measures aim to strengthen the level of preparedness of EU states in front of cyber security threats, thus leveraging the general trust in the Digital Single Market.

The NIS Directive therefore is an essential European regulation that ensures the sustainability of the new digital economy. Through Law no. 362/2018, the National Incident Response Center of Cyber Security ("CERT-RO") has been designated as the national competent authority for security of networks and information systems in accordance with the EU NIS Directive.

why choose us left dark

NIS DIRECTIVE REQUIREMENTS FOR OPERATORS OF ESSENTIAL SERVICES

The NIS Directive requires a set of measures that are to be implemented in terms of network and information security, starting with the 17th of November 2020. These measures are mandatory for digital service providers (DSPs) that provide IXP, DNS and TLD services and for operators of essential services (OES) in the following sectors:

Slide
Operatori servicii esentiale - Energie
ENERGY
Operatori servicii esentiale - Transport
TRANSPORT
Operatori servicii esentiale - Utilitati Apa
DRINKING WATER SUPPLY AND DISTRIBUTION
health
Operatori servicii esentiale - Banci
BANKING
Operatori servicii esentiale - Piete Financiare
FINANCIAL MARKET INFRASTRUCTURES
Digital Service Providers - Online Marketplace
ONLINE MARKETPLACES & SEARCH ENGINES
Furnizori Servicii Digitale - Cloud
CLOUD COMPUTING
Operatori servicii esentiale - Infrastructuri digitale
DIGITAL INFRASTRUCTURE SECTORS
section 1
NIS DIRECTIVE NON-COMPLIANCE PENALTIES

Companies that fail to comply with the EU NIS Directive are subject to effective, proportionate and dissuasive penalties, with a fine between 3.000RON and 50.000RON in case of repeated violations, to a maximum limit of 100.000RON, with a subsequent fine in amount between 0,5% and 2% of turnover for companies with over 2.000.000RON fiscal value. For more details, please follow this link and read more general information on the NIS Directive.

penetration services
WE CAN HELP YOUR COMPANY ACHIEVE AND DEMONSTRATE COMPLIANCE:
Steps to be taken into consideration
1. COMPANY ANALYSIS

Our certified experts will help you determine if your company classifies in the Essential Service Operators or Digital Service Providers categories, according to the law, and notify CERT-RO to be registered in the Essential Service Operations Registry, accordingly.

2. REGULATORY COMPLIANCE ASSESSMENT

SafeTech Innovations will audit the current state of compliance your company meets and provide valuable insight into achieving and maintaining compliance, such as observations and recommendations to improve processes and implement technical measures.

3. TECHNICAL CONSULTING SERVICES

The next step is to implement those measures that will help you meet the compliance requirements in a cost effective way, avoiding the risk of regulatory penalties.

penetration services
4. AUDIT REPORT DELIVERED BY CERTIFIED NIS AUDITORS, ACCREDITED BY CERT-RO

In accordance with LAW No. 362/2018, our certified auditors will carry out a security audit that formally validates implementation of the minimum security requirements as stated by the law, and provide a certified auditor's opinion that will help you demonstrate compliance.

5. CERT-RO ALIGNMENT AND INTERCONNECTION

Our team ensures a seamless integration with the cooperation and alert service provided by CERT-RO.

6. REAL TIME 24/7 MONITORING AND THREAT DETECTION

We provide managed detection and response services to help you detect intrusions, malicious activity, monitor computer networks and systems, while immediately notifying CERT-RO - as the national CSIRT - regarding the incidents that may significantly impact your resilience and continuity in providing essential services.

penetration services
7. IMMEDIATE RESPONSE

Should a security incident occur, we will swiftly respond with an immediate action plan to ensure the restoration of services through sectorial CSIRT teams or specialized services such as Private CSIRT.

why choose us left dark
We monitor constantly for a safer cyber ecosystem at all times

Make sure your company is EU NIS Directive compliant with the help of our own STI – CERT: the only private operational CERT on the Romanian market. STI-CERT Managed Detection and Response (MDR) team is a certified CERT/CSIRT designed to augment your existing security operations.
STI-CERT provides security monitoring, incident analysis, incident response, threat hunting and threat intelligence.

benefits
OUR INTELLIGENCE FOR YOUR NIS DIRECTIVE COMPLIANCE:
MANAGED NEWORK & COMPUTER SYSTEMS

We ensure round-the-clock protection against all types of security threats, by defining policies and procedures to address network security, while understanding security risks and applying risk management for essential services providers.

DETECTION OF CYBER THREATS

Our elite team of threat hunters and forensic experts leverage a unified security platform to protect your network, by defining and documenting access to functions of essential services, stored and transmitted data, protection against malicious activity, and immediate recovery.

IMMEDIATE RESPONSE

We offer rapid incident response with concise remediation actions, and ensure essential services rapid restoration, as well as incident analysis. We also adapt our protection measures to prevent future cyber security incidents.

Slide
why choose us?
make sure your company is cyber security compliant under the European nis directive
In-depth expertise in cyber security

We ensure your business’ sustainability and success by seamlessly integrating our IT and OT/ICS security expertise and proprietary tools.

Strategic partnerships to strengthen your business security

We bridge the gap between companies and tech innovators by partnering with innovation giants and vendors, such as NATO and renowned R&D National Institutes.

Applied and state-of-the art human intelligence

Our team of cherry-picked specialists lead the path in the local IT landscape, while being 100% dedicated to provide the most suitable solutions for your business.

Make an appointment

Let us get to know your business and see how we can help:

[contact-form-7 404 "Not Found"]
Make an appointment

Let us get to know your business and see how we can help:

    why choose us

    We are the only company in Romania and one of the few European entities listed on the NATO TRUSTED INDUSTRY PARTNER ROSTER, as well as an active member of the NATO INDUSTRY CYBER PARTNERSHIP (NICP). Our human intelligence and cyber capabilities helped implement several projects with ENISA (European Union Agency for Network and Information Security). Our company is also an active part in Romania’s cybersecurity international exercises, organized by NATO and Enisa on a yearly basis.

    WHY WORK WITH US?

    • Ensure NIS Directive compliance by working with a certified team of experts in different Information Security domains, dedicated to help you achieve compliance and assist you in improving your security posture.
    • Experience customized service level and immediate response time.
    • Receive comprehensive security auditing on a regular basis.

    Make an appointment

    Let us get to know your business and see how we can help:

      Make an appointment

      Let us get to know your business and see how we can help: