(5 min read)
Yes, we talked about this last month, but we felt we needed to reiterate this, as it will have a big impact.
So NIS2 is the update to the EU’s laws relating to cyber security. The updated law comes into effect on 17 October this year.
That’s only three months away. By 18 October 2024, you must be compliant with NIS2. Starting on that date, you need to have "your affairs" in order. However, you have until 18 March 2025 to register if you're within scope. But if you’re not in scope you should be ready by then too.
Think this doesn’t apply to you?
Well, even if you’re not based in the EU, NIS2 will apply to you if you trade with EU members. Perhaps not in law, but your clients will have to make sure their suppliers are up to scratch.
So that means that, in the next three months, you need to make sure you’re compliant with its requirements.
What happens if you don’t?
Your customers in the EU will want to make sure that you are cyber secure. So if you want to retain their business, and gain new customers, you’ll need to get things in order.
It’s also just a good idea for your cyber security to be as well managed as possible. It protects your business and puts you in a strong competitive position.
And that’s got to be good, right?
What cyber security training do you offer?
One of the essential requirements of NIS2 is to demonstrate that you have regular, ongoing cyber security training in place.
Why?
Because this helps to mitigate the risk of human error. After all, most security breaches are down to us. From guessable passwords, to careless clicks, to sophisticated scams, we are the hacker’s easiest way into an organisation.
What does good cyber security training look like?
Well, of course, we’re going to say it looks like Psybersafe. But actually, it really does look like Psybersafe.
One half-day’s training a year isn’t going to cut it. A printed out piece of A4 paper on the wall isn’t going to cut it either.
What you need is ongoing training that takes the latest hacks and trends into account.
Training that’s delivered in bite-sized chunks that reinforce learning.
Training that’s measurable, so you can see exactly who has done what – easy reporting, see?
Training that’s based on proven behaviour science, so you can be confident it’s actually making a difference.
Who do we know that does that?
We do! Psybersafe is used both in the UK and Europe by organisations that take cyber security seriously.
Learners love our short, fun, engaging episodes that make them take positive action.
And organisations love our focus on key cyber security issues, interactive dashboard and training accreditation.
Not just for NIS2!
Of course, if you’re an EU business or supplier, we’ll help you make sure you have great training that helps you stay compliant.
But our training works for any business, in any sector, anywhere. So get in touch to see what we’ve got to offer.
For more information you can contact our legal partner in Belgium: Legal Freaks. They can help you with pragmatic advice without legalese (and with fully transparent pricing!). Don’t hesitate to reach out to them at Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser. or by phone on +32 487544807.
Sign up to get our monthly newsletter, packed with hints and tips on how to stay cyber safe.
Mark Brown is a behavioural science expert with significant experience in inspiring organisational and culture change that lasts. If you’d like to chat about using Psybersafe in your business to help to stay cyber secure, contact Mark today.