The art of creating NIS 2 and safe habits. Will we be ready? – Opinion

By Bruno Gonsves

In a developing world of cyber threats every moment, it is imperative to rethink the look of digital society. Creating uniform cyber security rules at the European level is not just a technical or bureaucratic measurement – it is a commitment to the safety of citizens, companies and states. The goal is obvious: strengthening elasticity in the face of growing, sophisticated and effective attacks on the daily life of modern societies.

The impact of the NIS2 command depends on the inclusion of the simplest but stable methods rooted in the daily routine of the NIS2 command, just as significant changes in life are built from small daily habits. This transformation policy is in compliance with the regulations, which indicates the safety culture that becomes an integral part of daily life.

The implementation of the NIS2 Directive in Portugal – which replaces the 2016 NIS command – a landmark indicating this commitment. More than 160,000 European companies have to receive their security systems, otherwise we face heavy penalties that make a oscillation between 7 and 10 million euros. This new control overcomes the consent of the Legislature, which indicates a strategic response to the real losses that threaten national security and economic stability.

A perfect example of this action will assess the consent with the current Directive NIS, which promoted to many Portuguese companies by the National Cyber ​​Seucurity Center (CNCS). With an imminent transformation of NIS2, more and more entities are subject to audits, it can increase the level of responsibility and toughness in terms of digital safety. However, the implementation of the new regulations itself is not sufficient. There is a real challenge in consolidating them in institutional culture, management and people’s daily behavior. Many companies and citizens still face digital security as a bureaucracy, feeding the dangerous belief that “only happens to others”. In this case, the thoughts of James Clear, the authorNuclear habits

They receive special v: The main transitions do not get rid of sudden changes, but stable from small repeated actions.

Therefore, the effect of NIS2 depends on the adoption of security habits that integrate in everyday life. Multifactor is a regular use of authentication, continuous training of employees in relation to cyber threats and basic security processes (for example, proper management and extra care for suspicious email) -It is understandable of the difference between a harmful organization and a really protective organization.

In accordance with the rules, it is essential to create a mass identity based on security. By cultivating the “safe organization” psychology, we have established a culture of active and responsible behavior instead of “meeting the rules”. Small daily improvements may seem very low at first glance, the possibility of producing ghost effects, to protect data, reputation and businesses.

However, in the current scenario it is concerned: a recent IDC study has revealed that 47% of Portuguese companies are not known about the NIS2 command. This reality also reflects in dialogues with various national institutions, as many organizations – due to lack of resources or ignorance – proves that the implementation of new needs has not yet developed.

To deal with this challenge, maintain a full security assessment, which allows you to identify weaknesses, complex dependencies and necessary processes, as well as ensuring the presence of list and updated risk analysis – the basic elements to define concrete actions and raise awareness to events.

In the second stage, the implementation of necessary safety controls is imperative. For example, network access, generalized multifactor authentication and advanced email protection-basic but basic strict control.

Finally, special services such as overseeing, analyzing, and responsive security operations centers (SOC) are indispensable. When built with MXDR (managed expanding identity and response) system, these centers can significantly expand the threat and response capabilities, ensure active surveillance and reporting, which is strictly satisfying the requirements of the NIS2 command.

The implementation of European regulations should not be seen as a bureaucratic burden, but as an opportunity to adopt small daily methods that add effective security. As James Clear emphasizes, it is a stable smaller changes that can cause great results. In terms of cyber security, these habits are decisive to prevent future crises.

Portugal has an important challenge with the NIS2 command. It is time to recognize that digital security is beyond legal responsibility. Above all, in life and cyber security, small habits together increase big changes.