
September 29, 2024 11 mins
Today: E030-2024 Cyberium Podcast - NIS2 Directive - New Frontiers in European Cybersecurity and Technical Challenges for Businesses https://technocratico.it/2024/09/direttiva-nis2-nuove-frontiere-della-cybersicurezza-europea-e-le-sfide-tecniche-per-le-aziende/
 
Each episode, we delve into articles published on technocratico.it by Raffaele Di Marzio, bringing them to life with thorough discussions in English. Our mission is to unravel how technology affects every facet of our personal and professional lives in a simple yet precise manner. Whether you're a tech professional seeking expert insights or a casual listener curious about how digital security impacts your daily life, Cyberium is your gateway to understanding the holistic influence of technology.

Tune in to gain valuable perspectives and stay ahead in the rapidly evolving tech landscape. 

All reproduction rights are reserved by Cyberium Media Miami Productions and Technocratico.it.

Content creator: Raffaele Di Marzio https://www.linkedin.com/in/raffaeledimarzio/

For inquiries, you can reach us at podcast@cyberium.media.

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:02):
Welcome to Cyberium. Here, technology and cybersecurity are made simple
for everyone. Whether you're a tech geek or just curious
about the digital world, we've got you covered. Each episode
we dive into the latest topics from technocratico dot it
and break them down so you can stay informed and protected.

(00:23):
This is a Cyberium Media Miami production. Let's get into it.

Speaker 2 (00:28):
The scab and gulcious flame make us a blood bad
fame to love it to fuckings holess see usselves.

Speaker 3 (00:42):
And remember this.

Speaker 4 (00:49):
Ever feel like cybersecurity rules change faster than
you can keep up with? Like every time you think
you've got a handle on things, bam, there's a whole
new set of guidelines to worry about.

Speaker 5 (00:58):
It's a never ending game of cat and mouse.

Speaker 4 (01:01):
Right, yeah, exactly. And today's deep dive is all about
the EU's latest move in that game, NIS two. It's
their updated cybersecurity directive.

Speaker 3 (01:11):
And if you do any business in.

Speaker 4 (01:12):
Or with Europe, well, let's just say this episode is
a must listen.

Speaker 5 (01:16):
Absolutely. We're diving into a really insightful article from Technocratico
dot it that breaks down all the technical ins and
outs of NIS two.

Speaker 4 (01:24):
So the article calls NIS two an evolution, not a revolution.
They're building on the existing NIS directive from twenty sixteen,
which makes sense.

Speaker 3 (01:32):
But what are we talking about.

Speaker 4 (01:33):
Here in terms of actual changes? What's different this time around?

Speaker 5 (01:36):
Well, for starters, the scope is way bigger, like massively bigger.

Speaker 4 (01:39):
Okay, so bigger?

Speaker 5 (01:40):
How so NIS one mainly focused on what they called
essential services, you know, things like power grids, hospitals, air
traffic control, that sort of thing, right, the.

Speaker 4 (01:49):
Really critical stuff that if it went down, would cause
major problems exactly.

Speaker 5 (01:53):
But the thing is cyber attacks, they don't discriminate, and
the EU is finally acknowledging that with NIS two, and.

Speaker 4 (01:59):
The article really drives that point home. They're adding a
whole new category under NIS two, Critical entities.

Speaker 5 (02:06):
Yeah, and that's where things get really interesting for well,
pretty much everyone. We're talking finance, transportation, digital providers, even
online marketplaces. If your industry touches data, and let's face it,
who isn't dealing with data these days? NIS two is
coming for you.

Speaker 4 (02:22):
Wow. It sounds like they're casting a much wider net
this time around. It's not just about preventing blackouts anymore.
It's about protecting well the entire digital ecosystem.

Speaker 5 (02:33):
It's about time too, the sophistication, and frankly, the number
of cyber attacks we're seeing these days is just mind blowing.
It's like every day there's a new data breach or
a ransomware attack making headlines.

Speaker 4 (02:44):
I know, right, It's almost impossible to keep up with
it all, which I guess is exactly why the EU
is taking this more proactive stance with NIS two.

Speaker 5 (02:52):
And it's a huge shift from the old way of
doing things.

Speaker 4 (02:55):
So less about reacting to individual incidents and more about
trying to what predict the future of cyber attacks.

Speaker 5 (03:02):
In a way, yes, but more about building resilience into
every system, every process. The article uses this great analogy
of a zero trust architecture to describe it zero trust.

Speaker 4 (03:12):
Okay, I think I've heard that term thrown around before,
but to be honest, I'm not entirely sure I get it.

Speaker 3 (03:16):
Can you unpack that a bit?

Speaker 5 (03:17):
Basically, it means you're constantly verifying everyone and everything, even
if they're already inside your network. Think of it like,
imagine you work in a high security building.

Speaker 4 (03:26):
Like one of those places with fingerprint scanners and
security guards on every corner.

Speaker 5 (03:30):
Yeah, exactly. So with zero trust, even if you've already
made it past all those initial security checks, you'll still
need to constantly reauthenticate yourself to access different areas or information.

Speaker 4 (03:41):
Huh. So, even if you're already inside the system, you
still have to jump through all these hoops.

Speaker 5 (03:46):
Exactly. It's all about assuming that no one and nothing
is to be trusted inherently, not even your own employees
or systems, because the reality is it only takes one
weak link in the chain for an attacker to slip through.
Think about those recent supply chain attacks where hackers targeted
a software vendor to gain access to hundreds of their

(04:08):
client systems at once. Yeah, those are scary, and that's
precisely the kind of scenario NIS two is designed to prevent.

Speaker 4 (04:14):
So it's all about layers upon layers of security, Like
even if you managed to get through one door, there's
another one right behind it, and another one after.

Speaker 5 (04:22):
That, pretty much. And with those extra layers come well,
you guessed it, a whole bunch of new rules and regulations.

Speaker 4 (04:29):
Oh I bet, what are we talking about here?

Speaker 5 (04:31):
Well, one of the biggest changes NIS two brings is
in incident reporting.

Speaker 4 (04:35):
Incident reporting like when a company gets.

Speaker 5 (04:37):
Hacked exactly, and get this, under NIS two organizations will
have a grand total of twenty four hours to report
a cybersecurity breach.

Speaker 4 (04:46):
Twenty four hours.

Speaker 3 (04:47):
Seriously, that's like no time at all.

Speaker 5 (04:49):
Nope, the clock starts ticking the second they become aware
of an incident. No more sweeping things under the rug
or hoping nobody notices.

Speaker 4 (04:56):
I guess that makes sense though, right. I mean, the
faster things are reported, the faster everyone can band together
to like contain the damage and prevent copycat attacks.

Speaker 5 (05:05):
Precisely, it creates a real sense of urgency for companies
to you know, get their cybersecurity act together.

Speaker 4 (05:12):
Yeah, no kidding, But that twenty four hour rule, that's
got to put a ton of pressure on their internal
processes and technology, doesn't it, Like how do you even
detect and report something that quickly?

Speaker 5 (05:21):
That's where things get really interesting on the tech side.
The article actually talks about this. They say that SIEM
systems are going to be absolutely crucial in this new landscape.

Speaker 4 (05:31):
Okay, SIEM systems. Now, I have to admit I'm not
familiar with those. Break it down for me.

Speaker 5 (05:36):
So basically, a SIEM system is like having an all
seeing eye on your entire network. It collects data from everywhere,
your servers, your emails, your applications, everything, and then it
analyzes all of that data for any signs of suspicious activity.

Speaker 4 (05:48):
So like a centralized security system for all things digital exactly.

Speaker 5 (05:53):
And the beauty of it is that it happens in
real time. So instead of having some poor soul manually
checking every nook and cranny of the network for something
that looks off, the SIEM system does it all automatically.

Speaker 4 (06:04):
Okay, that makes sense. So it's not just about speed,
it's also about connecting the dots right.

Speaker 5 (06:08):
Absolutely, a good SIEM system can analyze mountains of data
and spot patterns that humans might miss entirely, which, let's
face it, is going to be essential if you're trying
to meet that twenty four hour reporting deadline totally.

Speaker 4 (06:22):
So what you're saying is that a lot of companies
might need to invest in some new tools and processes,
even if they think their current security setup.

Speaker 3 (06:30):
Is pretty good.

Speaker 5 (06:31):
You got it. And that brings up another really important point,
which is what about smaller businesses?

Speaker 4 (06:38):
That's a really good point. I was just thinking about
that myself. Does NIS two even apply to them? I
mean they don't have the same resources as these massive corporations.
It does.

Speaker 5 (06:46):
In fact, that's one of the biggest changes with NIS two.

Speaker 3 (06:49):
Really.

Speaker 5 (06:49):
Yeah, they're recognizing that cyber criminals often target smaller businesses
because their security might not be as tight. No more
flying under the radar.

Speaker 3 (06:58):
Wow, So even if you're a small company, you still
need to be up to speed on all of this
one hundred percent.

Speaker 5 (07:03):
And the article actually acknowledges the challenges that SMEs face.
They point to solutions like managed security services or MSSPs.

Speaker 4 (07:13):
MSSPs okay, so what are those?

Speaker 5 (07:14):
So basically, these providers handle all of your cybersecurity needs
for you, everything from threat detection to compliance audits. Takes
a lot of the burden off of smaller businesses, So it's.

Speaker 4 (07:26):
Kind of like outsourcing your cybersecurity.

Speaker 5 (07:27):
To the experts exactly, which, let's be real, is a
pretty smart move for a smaller company that maybe can't
afford to build out a whole security team in house.

Speaker 3 (07:37):
For sure.

Speaker 4 (07:37):
But it sounds like it's not just about private companies
stepping up their game here. It sounds like the EU
is putting their money where their mouth is too.

Speaker 5 (07:45):
They are The article even mentioned potential government grants and
financial assistance to help SMEs implement these new security measures.

Speaker 4 (07:53):
Okay, so there's some support available, which is great. It
sounds like they're really trying to level the playing field
a little bit.

Speaker 3 (07:58):
When it comes to cybersecurity.

Speaker 4 (08:00):
It's not just about individual companies scrambling to protect themselves.
It's about creating a culture of cybersecurity across the entire EU.

Speaker 5 (08:08):
Right exactly, And a huge part of that is better
coordination and collaboration. One thing the article talks about is
how NIS two will strengthen national Computer Security Incident Response
Teams, or CSIRTs.

Speaker 3 (08:21):
Right.

Speaker 4 (08:21):
The CSIRTs, yeah, the first responders of cyberspace. They show
up to help clean up the mess after an attack,
right? Yeah. They are the ones you call when you've,
when you've had a cybersecurity incident, you need help.

Speaker 3 (08:31):
Right.

Speaker 4 (08:31):
Like, what exactly does NIS two change for them?

Speaker 5 (08:35):
Well, for one thing, they're gonna have to work a
lot more closely with each other, like all the national
CSIRTs across the EU, sharing information, best practices, that
sort of thing.

Speaker 4 (08:44):
So kind of like a united front against cyber threats.

Speaker 5 (08:47):
Exactly, because let's face it, when you're up against these
highly sophisticated cyber criminals who are constantly sharing tactics and
upping their game. It only makes sense to you know,
combat that with a coordinated effort. Strength in numbers, right? Exactly,
and to really boost that collaborative spirit, NIS two
is also setting up this new European Cybersecurity Competence Center.

Speaker 4 (09:09):
Okay, and what is that exactly? What do they do?

Speaker 5 (09:11):
Think of it like a think tank for all things cybersecurity.
They'll be focused on research and development, setting cutting edge
standards for cybersecurity that can be adopted across the entire EU,
kind of like a centralized hub of expertise.

Speaker 4 (09:24):
So they're not just playing defense. They're going on the
offense too, trying to stay one step ahead of the
bad guys. Which I got to say, that's pretty reassuring.

Speaker 5 (09:33):
It's definitely a step in the right direction. But you know,
all this collaboration and support is great. But let's be
real for a second. What about the companies that just
like drag their feet. What happens if they don't comply
with NIS two.

Speaker 4 (09:46):
Yeah, because we can talk about all the best practices
and new technologies under the sun, but if there are
no consequences for ignoring all of it.

Speaker 5 (09:54):
Well, let's just say the EU isn't messing around this time.
The article makes that very clear. NIS two isn't a suggestion.
It's the law, and those stricter supervisory powers they mentioned,
they're not just for show. We're talking regulators having the
authority to conduct audits, demand information, even slap companies with
temporary bans if they're not meeting those security standards.

Speaker 4 (10:14):
Okay, so serious consequences then, And what about fines because
we all know those are usually a part of the
equation too.

Speaker 5 (10:21):
Oh, the fines are definitely in play and they're not
messing around with these either. We're talking potentially tens of
millions of euros or even a percentage of global turnover
for the most serious violations.

Speaker 4 (10:34):
Ouch. Yeah, I'd say that definitely gets companies' attention. No
more sweeping cybersecurity under the rug with those kinds
of numbers on the line, Not a chance.

Speaker 5 (10:42):
This is a wake up call, plain and simple. But
it's a good thing. Really, It's a much needed push
towards a more secure digital future for Europe and everyone
who does business there.

Speaker 4 (10:51):
Absolutely so, as we wrap up today's deep dive. What's
the one big takeaway you hope our listeners walk away with.

Speaker 5 (10:58):
I think the biggest thing to remember here is that
NIS two is a game changer and it impacts everyone.
Big corporations, small businesses, everyone. This isn't just about ticking
boxes on a compliance checklist. It's about making a real
commitment to cybersecurity at every level of your organization.

Speaker 4 (11:16):
Couldn't have said it better myself, and for our listeners, what's
the one thing from today's conversation that made you stop
and think? What's your next move going to be? Because
knowledge is power, but only if you actually use it.
Until next time, stay safe out there.

Speaker 2 (11:29):
Everyone Soundsta loves full results.

Speaker 3 (11:36):
Who are you.

Speaker 2 (11:37):
Going to draw?

Speaker 4 (11:42):
All reproduction rights are reserved by Cyberium Media Miami Productions
and Technocratico dot it. For inquiries, you can reach us
at podcast at cyberium dot media.